VYPR

Maven package

com.liferay.portal/com.liferay.portal.web

pkg:maven/com.liferay.portal/com.liferay.portal.web

Vulnerabilities (1)

  • CVE-2024-25610Feb 20, 2024
    affected < 5.0.96fixed 5.0.96

    In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default configuration does not sanitize blog entries of JavaScript, which allows remote