VYPR
Critical severityNVD Advisory· Published Nov 17, 2023· Updated Aug 29, 2024

CVE-2023-47797

CVE-2023-47797

Description

Reflected cross-site scripting (XSS) vulnerability on a content page’s edit page in Liferay Portal 7.4.3.94 through 7.4.3.95 allows remote attackers to inject arbitrary web script or HTML via the p_l_back_url_title parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
com.liferay.portal:release.portal.bomMaven
>= 7.4.3.94, < 7.4.3.967.4.3.96

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.