CVE-2021-29049

More information about this CVE will likely be available in a few days.

Description

Cross-site scripting (XSS) vulnerability in the Portal Workflow module's edit process page in Liferay DXP 7.0 before fix pack 99, 7.1 before fix pack 23, 7.2 before fix pack 12 and 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the currentURL parameter.

Related CPE's

Could not find any relations

References

https://issues.liferay.com/browse/LPE-17211

http://liferay.com

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io