Maven package
com.liferay.commerce/com.liferay.commerce.catalog.web
pkg:maven/com.liferay.commerce/com.liferay.commerce.catalog.web
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-42119 | — | < 4.0.8 | 4.0.8 | Nov 15, 2022 | Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module. This affects Liferay Portal 7.3.5 through 7.4.2 and Liferay DXP 7.3 before update 8. |
- CVE-2022-42119Nov 15, 2022affected < 4.0.8fixed 4.0.8
Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module. This affects Liferay Portal 7.3.5 through 7.4.2 and Liferay DXP 7.3 before update 8.