Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-17179

LSV-772: Security vulnerability in highlight.js 10.1.0 (Questions)

    XMLWordPrintable

    Details

    • CVSS Base Score:
      8.0
    • CVSS Vector String:
      CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
    • 7.3 Fix Pack Version:
      1

      Description

      The Questions module in Liferay DXP 7.3 is bundled with highlights.js 10.1.0 which has known vulnerabilities. For more details, please see https://github.com/advisories/GHSA-vfrc-7r7c-w9mx and https://github.com/advisories/GHSA-7wwv-vh3v-89cq

        Attachments

          Issue Links

          relates

          Bug - A problem which impairs or prevents the functions of the product. LPE-17151 LSV-772: Security vulnerability in highlight.js 10.1.0 (Questions)

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

            Activity

              People

              Assignee:
              support-ee EE Support
              Reporter:
              EnterpriseReleaseHU Enterprise Release HU
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package
                  7.3.X EE