-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 7.0 DE (7.0.10), 7.1 DXP (7.1.10), 7.2 DXP (7.2.10)
-
CVSS Base Score:5.4
-
CVSS Vector String:CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
-
7.0 Fix Pack Version:94
-
7.1 Fix Pack Version:19
-
7.2 Fix Pack Version:8
Cross-site scripting (XSS) vulnerability in the Web Content Display in Liferay DXP 7.0, 7.1 and 7.2 allows remote attackers to inject arbitrary web script or HTML via web content template names.