CVE-2021-33328 (GCVE-0-2021-33328)

Vulnerability from cvelistv5 – Published: 2021-08-03 18:41 – Updated: 2024-08-03 23:50
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the (1) _com_liferay_journal_web_portlet_JournalPortlet_name or (2) _com_liferay_document_library_web_portlet_DLAdminPortlet_name parameter.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:50:41.587Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.liferay.com/browse/LPE-17100"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Asset module\u0027s edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the (1) _com_liferay_journal_web_portlet_JournalPortlet_name or (2) _com_liferay_document_library_web_portlet_DLAdminPortlet_name parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-03T18:41:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.liferay.com/browse/LPE-17100"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-33328",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Asset module\u0027s edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the (1) _com_liferay_journal_web_portlet_JournalPortlet_name or (2) _com_liferay_document_library_web_portlet_DLAdminPortlet_name parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972",
              "refsource": "CONFIRM",
              "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972"
            },
            {
              "name": "https://issues.liferay.com/browse/LPE-17100",
              "refsource": "CONFIRM",
              "url": "https://issues.liferay.com/browse/LPE-17100"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-33328",
    "datePublished": "2021-08-03T18:41:46",
    "dateReserved": "2021-05-20T00:00:00",
    "dateUpdated": "2024-08-03T23:50:41.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"43A92274-7D88-4F0F-8265-CF862011F27F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_13:*:*:*:*:*:*\", \"matchCriteriaId\": \"4874012D-52AA-4C32-95E9-BD331225B4E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_14:*:*:*:*:*:*\", \"matchCriteriaId\": \"21CAF86F-CEC9-44EE-BAF8-0F7AF9D945F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_24:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF6C9F29-EEFF-4737-BD50-58572D6C14E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_25:*:*:*:*:*:*\", \"matchCriteriaId\": \"D24E1FA0-BD94-4AFC-92BF-AEDEBC7DCF4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_26:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF9B54EE-973B-44B4-8EA2-B58FA49AC561\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_27:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9637223-557D-474B-A46B-D276866376C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_28:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6306F9C-99DE-4F94-8E7F-6747762BEC45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_3\\\\+:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DFF08F0-77C1-43A0-B7DD-9B905BE074EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_30:*:*:*:*:*:*\", \"matchCriteriaId\": \"48B7015C-26B9-453E-B3CF-9B220D3A8024\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_33:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FEB6921-3C45-4B7E-8B34-CDC34984583D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_35:*:*:*:*:*:*\", \"matchCriteriaId\": \"525F45DC-2E5C-46A8-AEDF-9D6B8FA2EB11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_36:*:*:*:*:*:*\", \"matchCriteriaId\": \"55755D0C-4C0C-42D9-BE5E-5D33C8BA4C7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_39:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB4FE0F9-EB19-45D7-A953-674629D951F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_40:*:*:*:*:*:*\", \"matchCriteriaId\": \"22E4B63F-01A9-4F85-92BC-A51F41BE4121\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_41:*:*:*:*:*:*\", \"matchCriteriaId\": \"23BE441D-8770-4F4D-86CD-4E53161F54FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_42:*:*:*:*:*:*\", \"matchCriteriaId\": \"E14FF010-3907-4C79-B945-C792E446CB31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_43:*:*:*:*:*:*\", \"matchCriteriaId\": \"B97B5817-B55E-485D-9747-3A50CF7245C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_44:*:*:*:*:*:*\", \"matchCriteriaId\": \"19EBD671-56BD-45D3-9248-DAF3F47B36FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_45:*:*:*:*:*:*\", \"matchCriteriaId\": \"93EDC2A1-9622-44DB-ABA8-754D61B60787\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_46:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4B6A06D-C323-431C-9A65-4FD6A6E4CAB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_47:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE6D4466-1C3A-4D5A-A65C-A30A87EADF1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_48:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F0BC40A-8E13-4665-A2E4-F5815CA70E17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_49:*:*:*:*:*:*\", \"matchCriteriaId\": \"11FB69C3-7755-495A-AB76-201AF4D9623B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_50:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF66F652-6C08-4D47-865D-36E70360B632\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_51:*:*:*:*:*:*\", \"matchCriteriaId\": \"17B68D59-0509-4C6A-B803-03A02EB76F1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_52:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F69B287-3B86-4B64-BCB4-40E9495A628D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_53:*:*:*:*:*:*\", \"matchCriteriaId\": \"C627090E-A1BF-4332-9538-EE4E184DB65E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_54:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A089471-9944-4C75-A25F-1F23C18C0CF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_56:*:*:*:*:*:*\", \"matchCriteriaId\": \"B90E7FBF-6B5B-457A-8B20-ECA69A626BB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_57:*:*:*:*:*:*\", \"matchCriteriaId\": \"1975C1AB-EF50-42E2-9879-17FB763B45F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_58:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFB7BB13-773B-47A6-A001-B9EBA46C917E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_59:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C4A2D39-3725-4E80-9F3F-AC1F4EE662E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_60:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAEDF88B-B9C8-4891-B199-A72C066FC7BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_61:*:*:*:*:*:*\", \"matchCriteriaId\": \"F768E1DD-3DC6-4783-82DE-D089C7CD3C63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_64:*:*:*:*:*:*\", \"matchCriteriaId\": \"426EDA92-FE5A-4523-8AAE-1E5D5D67F535\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_65:*:*:*:*:*:*\", \"matchCriteriaId\": \"070CB609-6D4B-4817-9F91-00BD62423E56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_66:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEE87846-A4CF-47E5-93AA-5D7E2548D28D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_67:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4C11B0E-6D94-4A65-83BE-1E5828710CB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_68:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1DC73B1-4017-424F-A28D-F54F2FA8ED8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_69:*:*:*:*:*:*\", \"matchCriteriaId\": \"32B4FD3C-7BB7-4DA2-9A3A-05A6370B9745\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_70:*:*:*:*:*:*\", \"matchCriteriaId\": \"71293E5B-4DCC-47BC-A493-3540D57E6067\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_71:*:*:*:*:*:*\", \"matchCriteriaId\": \"56A8940B-318E-4C6A-9131-A50E90E82C28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_72:*:*:*:*:*:*\", \"matchCriteriaId\": \"F09B5E82-DC18-4B07-9A05-E433579B4FB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_73:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE25D189-2D6F-4229-BF09-2CEA0A6C5D50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_75:*:*:*:*:*:*\", \"matchCriteriaId\": \"36549BE5-DEDB-408A-BFC9-AB00031D45DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_76:*:*:*:*:*:*\", \"matchCriteriaId\": \"E11B8075-4212-41CB-85AC-09FA1CDB86A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_78:*:*:*:*:*:*\", \"matchCriteriaId\": \"80412DCE-D79F-492A-8788-6A43C4D76D7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_79:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC7A939F-21D1-4AF1-BAB9-E91DFCFFB7A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_80:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F2240FC-EDDC-47F5-B713-07FF2D23CE00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_81:*:*:*:*:*:*\", \"matchCriteriaId\": \"5006AAE4-B154-468A-850C-20171965E2AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_82:*:*:*:*:*:*\", \"matchCriteriaId\": \"1541072D-3F14-47A2-8A42-EF2765643AE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_83:*:*:*:*:*:*\", \"matchCriteriaId\": \"2340C85F-0296-4591-8D23-56634C50C5F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_84:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BEC3C5C-DA8C-4620-A38E-BB47D4CB7CBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_85:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DD38B1F-7EEA-4DB5-A31B-D84DC33313FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_86:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC923A9E-CF9D-44DE-AB58-7BCAAFDDE7D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_87:*:*:*:*:*:*\", \"matchCriteriaId\": \"65542031-04E1-485F-8102-04CB65865ECE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_88:*:*:*:*:*:*\", \"matchCriteriaId\": \"B36F2FBD-E949-4608-9ECF-0F05DD8E487E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_89:*:*:*:*:*:*\", \"matchCriteriaId\": \"D68832F1-6D71-4A63-AA8A-86C0EDF9F8E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_90:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD1F579A-084C-46A9-ADCA-8F3FA45D85D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_91:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC81C494-F68E-4580-87FB-7792C1080DFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_92:*:*:*:*:*:*\", \"matchCriteriaId\": \"6693594D-6731-4223-8C28-4873746B97AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_93:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B96CDC5-F4DE-49A2-B09D-318163EC9A09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_94:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEAE13AF-DEEE-4284-A93D-EFE2647E12FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_95:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EEADDC3-C436-452F-9271-8F30A9D03FE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2AA7E18-A41B-4F0D-A04F-57C5745D091B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"392B783D-620D-4C71-AAA0-848B16964A27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F5A94E2-22B7-4D2D-A491-29F395E727C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_11:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9B10908-C42B-4763-9D47-236506B0E84A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_12:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF544435-36AC-49B8-BA50-A6B6D1678BBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_13:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D265542-5333-4CCD-90E5-B5F6A55F9863\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_14:*:*:*:*:*:*\", \"matchCriteriaId\": \"1763CD8B-3ACD-4617-A1CA-B9F77A074977\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_15:*:*:*:*:*:*\", \"matchCriteriaId\": \"F25C66AA-B60D-413C-A848-51E12D6080AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_16:*:*:*:*:*:*\", \"matchCriteriaId\": \"071A0D53-EC95-4B18-9FA3-55208B1F7B94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_17:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC26A9D4-14D6-46B1-BB00-A2C4386EBCA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_18:*:*:*:*:*:*\", \"matchCriteriaId\": \"350CDEDA-9A20-4BC3-BEAE-8346CED10CD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_19:*:*:*:*:*:*\", \"matchCriteriaId\": \"10C6107E-79B3-4672-B3E5-8A2FA9A829CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3233D306-3F8E-40A4-B132-7264E63DD131\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EAEA45A-0370-475E-B4CB-395A434DC3A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"39310F05-1DB6-43BA-811C-9CB91D6DCF20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6135B16-C89E-4F49-BA15-823E2AF26D68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC887BEC-915B-44AC-B473-5448B3D8DCF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7A7CC60-C294-41EC-B000-D15AAA93A3D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"022132F8-6E56-4A29-95D6-3B7861D39CDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_9:*:*:*:*:*:*\", \"matchCriteriaId\": \"651DA9B7-9C11-47A7-AF5C-95625C8FFF6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CAAE1B7-982E-4D50-9651-DEEE6CD74EED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFCF99EC-3384-418D-A419-B9DB607BE371\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"31E05134-A0C5-4937-A228-7D0884276B67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F06C4AD-FD20-4345-8386-0895312F0A00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"98CC25E2-EC3D-43A2-8D03-06F0E804EA63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"30933C36-C710-488F-9601-EE1BB749C58A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"41E94372-A1AE-48B1-82DC-08B7B616473F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"51FBC8E0-34F8-475C-A1A8-571791CA05F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E73EAEA-FA88-46B9-B9D5-A41603957AD7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0.0\", \"versionEndExcluding\": \"7.3.5\", \"matchCriteriaId\": \"12EC8A39-0B8D-47C4-8F54-CB00028EAF3F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in the Asset module\u0027s edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the (1) _com_liferay_journal_web_portlet_JournalPortlet_name or (2) _com_liferay_document_library_web_portlet_DLAdminPortlet_name parameter.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de tipo Cross-site scripting (XSS) en la p\\u00e1gina de edici\\u00f3n de vocabulario del m\\u00f3dulo Asset en Liferay Portal versiones 7.0.0 hasta 7.3.4, y Liferay DXP versiones 7.0 anteriores a fix pack 96, versiones 7.1 anteriores a fix pack 20, y versiones 7. 2 anteriores a fix pack 9, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de los par\\u00e1metros (1) _com_liferay_journal_web_portlet_JournalPortlet_name o (2) _com_liferay_document_library_web_portlet_DLAdminPortlet_name\"}]",
      "id": "CVE-2021-33328",
      "lastModified": "2024-11-21T06:08:42.123",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:P/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2021-08-03T19:15:08.823",
      "references": "[{\"url\": \"https://issues.liferay.com/browse/LPE-17100\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://issues.liferay.com/browse/LPE-17100\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-33328\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-08-03T19:15:08.823\",\"lastModified\":\"2025-05-13T18:17:51.450\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in the Asset module\u0027s edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the (1) _com_liferay_journal_web_portlet_JournalPortlet_name or (2) _com_liferay_document_library_web_portlet_DLAdminPortlet_name parameter.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de tipo Cross-site scripting (XSS) en la p\u00e1gina de edici\u00f3n de vocabulario del m\u00f3dulo Asset en Liferay Portal versiones 7.0.0 hasta 7.3.4, y Liferay DXP versiones 7.0 anteriores a fix pack 96, versiones 7.1 anteriores a fix pack 20, y versiones 7. 2 anteriores a fix pack 9, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de los par\u00e1metros (1) _com_liferay_journal_web_portlet_JournalPortlet_name o (2) _com_liferay_document_library_web_portlet_DLAdminPortlet_name\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4614C87F-F39C-4ADD-A7A2-4A498612AD38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"70E12054-0DEE-4B92-B8F6-7DC4B2461113\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*\",\"matchCriteriaId\":\"F220793A-FDAC-48C6-B299-39EB3BC077A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*\",\"matchCriteriaId\":\"F095A9E1-5FE1-46C4-B0E1-97F8767439D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD748DD-6FDB-44CD-96BF-026D18CE4207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3C2426-7617-4535-B86A-7F9BA45DFD0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6B2500-42E4-4F87-8B93-2F7399B4F611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*\",\"matchCriteriaId\":\"28955834-8E02-4558-ABD3-4958DBB41423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4206C84-C4BD-4363-A4CA-EE229CE06319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F644864-1056-4A0C-ADD7-A1992A0AC07D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E9BAE9-CD40-4353-95DB-7D9ADC338F95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*\",\"matchCriteriaId\":\"661E68A2-B365-4962-87CF-CE17A500889F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5D28279-002A-4BC7-9396-E47FC842D7AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*\",\"matchCriteriaId\":\"C700ED72-4626-48A0-B1BB-E0A7C12D454F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F473DF1-F70D-4EDB-A011-C8D1C6A21659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*\",\"matchCriteriaId\":\"357845C1-3834-465A-B9CA-F9C604AA8242\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD35964D-4156-45B8-A0AB-282DA9F4FA47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*\",\"matchCriteriaId\":\"35656567-EF24-4948-A72A-C754D6E419B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9A3D95D-4539-432D-B241-376F312534AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F329F1-5BB1-42A7-98CE-B0EB5819D60A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B7111FA-9FD7-4952-AFE1-07D3E14854F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*\",\"matchCriteriaId\":\"0383C4C4-A7BB-418D-9A98-AC4233722961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA281A20-7599-446B-9587-118E920403D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*\",\"matchCriteriaId\":\"9514E8F5-1D0B-4CDF-BD03-087326F6C252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*\",\"matchCriteriaId\":\"78BC7D6C-2A10-4F78-9C41-EA97665C246E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA9BE427-78D7-4DEE-A174-F3E3675B44A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C10325C-8670-499B-B003-7D8634539C5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F692BEB-5CB1-41EA-B715-64AB0036F6CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*\",\"matchCriteriaId\":\"427C4DF5-9039-4CB5-B600-5F965E20D945\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B7A2A2-5764-4EDB-AA44-25F8508CF128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D94917-5360-4179-A017-1287C63A6E6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D378A23-113D-47AC-9CB5-2658C357FFB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*\",\"matchCriteriaId\":\"58FB119E-508C-45F7-8AD8-B67AAAEA53D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3359A5-D39B-4322-8963-B138D791D232\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*\",\"matchCriteriaId\":\"E11E2FBD-7541-4CE3-8A78-52FB82571547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*\",\"matchCriteriaId\":\"3883F470-8D8D-4CB3-BF4A-0C401BDABC83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8CEA39-4A7F-4827-91FA-31119201D174\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3768AC9-A245-4B81-8D1D-9D9C5354245C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*\",\"matchCriteriaId\":\"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF2D31F-8719-41A6-ADD5-15BE9409428E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*\",\"matchCriteriaId\":\"06835B0A-A2DF-44D3-A38F-59E5D5523FFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*\",\"matchCriteriaId\":\"B746D0CF-76F6-42A1-9056-CA9622DCD806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*\",\"matchCriteriaId\":\"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD019A57-FC7A-4B1F-9946-FA15C90FC985\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6B2CD3A-C39C-4F9A-8602-3EC75472181D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*\",\"matchCriteriaId\":\"1790D974-2EE0-4405-8F26-BB6DB3BDA23B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*\",\"matchCriteriaId\":\"416B3F04-AD86-4F91-890E-56BA539AAB06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*\",\"matchCriteriaId\":\"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*\",\"matchCriteriaId\":\"3810319D-7DC4-47DD-B568-B0504DBC8209\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9BFFFC0-912A-4F95-A08E-1D264135D1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EA924E7-DEF2-45BF-B435-C435AC20AF4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6809C30-9A81-45E6-92E9-01D54880EFEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*\",\"matchCriteriaId\":\"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"27DF695E-B890-42C2-8941-5BB53154755F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"072F6C59-3D86-48D1-A14E-477FFFA3B1D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"680D7963-1393-4E86-A65F-D4463D532120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"D81E73DD-FD21-4082-A883-34422AE6C024\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6DD0451-98EA-4140-8294-77A14F063E2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*\",\"matchCriteriaId\":\"408BD438-E15C-422F-9612-C62A7387FC63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*\",\"matchCriteriaId\":\"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*\",\"matchCriteriaId\":\"D18ACD28-9182-435C-A30F-DF3BFE13C39A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"386F0E26-78DC-4D59-A20F-B41D0E59561B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"54576481-2AE9-4133-9EFA-B7FBDCA4427D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E29CE810-76D5-4283-B102-70344B6C9506\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA869467-C560-4130-A180-86819F6A8673\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC0C94B7-31FB-4115-8EDE-62CC459B6663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DEAA71-53DA-4508-B7E6-924ABED49E66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"467323F6-5CA7-42A0-9810-C6FA694CEC93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7E68DF8-749B-4284-A7C9-929701A86B36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CECAA19-8B7F-44C8-8059-6D4F2105E196\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CBCEEB-7C28-4769-813F-3F01E33D2E08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0CB4927-A361-4DFA-BDB8-A454EA2894AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2B771B7-D5CB-4778-A3A8-1005E4EE134C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9DB383-3791-4A43-BA4D-7695B203E736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"13F02D77-20E9-4F32-9752-511EB71E6704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.3.5\",\"matchCriteriaId\":\"12EC8A39-0B8D-47C4-8F54-CB00028EAF3F\"}]}]}],\"references\":[{\"url\":\"https://issues.liferay.com/browse/LPE-17100\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://issues.liferay.com/browse/LPE-17100\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.