Unrated severityNVD Advisory· Published Oct 13, 2022· Updated May 15, 2025
CVE-2022-38902
CVE-2022-38902
Description
A Cross-site scripting (XSS) vulnerability in the Blog module - add new topic functionality in Liferay Digital Experience Platform 7.3.10 SP3 allows remote attackers to inject arbitrary JS script or HTML into the name field of newly created topic.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = 7.3.10 SP3
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.