FKIE_CVE-2024-25610
Vulnerability from fkie_nvd - Published: 2024-02-20 13:15 - Updated: 2024-12-11 17:53
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default configuration does not sanitize blog entries of JavaScript, which allows remote authenticated users to inject arbitrary web script or HTML (XSS) via a crafted payload injected into a blog entry’s content text field.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8EBC77-BA94-4AA8-BAF0-D1E3C9146459",
"versionEndExcluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "0DCF7F39-A198-4F7E-84B7-90C88C1BAA96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "E7E68DF8-749B-4284-A7C9-929701A86B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*",
"matchCriteriaId": "340DF1FE-5720-4516-BA51-F2197A654409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*",
"matchCriteriaId": "97E155DE-05C6-4559-94A8-0EFEB958D0C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*",
"matchCriteriaId": "0635FB5F-9C90-49C7-A9EF-00C0396FCCAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*",
"matchCriteriaId": "77523B76-FC26-41B1-A804-7372E13F4FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*",
"matchCriteriaId": "B15397B8-5087-4239-AE78-D3C37D59DE83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*",
"matchCriteriaId": "311EE92A-0EEF-4556-A52F-E6C9522FA2DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*",
"matchCriteriaId": "49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_17:*:*:*:*:*:*",
"matchCriteriaId": "F2B55C77-9FAA-4E14-8CEF-9C4CAC804007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_18:*:*:*:*:*:*",
"matchCriteriaId": "54E499E6-C747-476B-BFE2-C04D9F8744F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "7CECAA19-8B7F-44C8-8059-6D4F2105E196",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "68CBCEEB-7C28-4769-813F-3F01E33D2E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "C0CB4927-A361-4DFA-BDB8-A454EA2894AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "B2B771B7-D5CB-4778-A3A8-1005E4EE134C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*",
"matchCriteriaId": "3B9DB383-3791-4A43-BA4D-7695B203E736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*",
"matchCriteriaId": "13F02D77-20E9-4F32-9752-511EB71E6704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*",
"matchCriteriaId": "6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*",
"matchCriteriaId": "759DDB90-6A89-4E4F-BD04-F70EFA5343B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "43F61E2F-4643-4D5D-84DB-7B7B6E93C67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "8B057D81-7589-4007-9A0D-2D302B82F9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "6F0F2558-6990-43D7-9FE2-8E99D81B8269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "11072673-C3AB-42EA-A26F-890DEE903D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "134560B0-9746-4EC3-8DE3-26E53E2CAC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_6:*:*:*:*:*:*",
"matchCriteriaId": "71E41E59-D71F-48F0-812B-39D59F81997B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "2CD6861A-D546-462F-8B22-FA76A4AF8A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "324BB977-5AAC-4367-98FC-605FF4997B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "2BBA40AC-4619-434B-90CF-4D29A1CA6D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "728DF154-F19F-454C-87CA-1E755107F2A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*",
"matchCriteriaId": "96E84DBC-C740-4E23-8D1D-83C8AE49813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*",
"matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:*",
"matchCriteriaId": "10B863B8-201D-494C-8175-168820996174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:*",
"matchCriteriaId": "CBF766CE-CBB8-472A-BAF0-BD39A7BCB4DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:*",
"matchCriteriaId": "182FAA46-D9FB-4170-B305-BAD0DF6E5DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:*",
"matchCriteriaId": "DF1BB9E6-D690-4C12-AEF0-4BD712869CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:*",
"matchCriteriaId": "653A0452-070F-4312-B94A-F5BCB01B9BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:*",
"matchCriteriaId": "15B67345-D0AF-4BFD-A62D-870F75306A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:*",
"matchCriteriaId": "DE1F4262-A054-48CC-BF1D-AA77A94FFFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2855EC-0F83-4119-95BB-709C414D7E05",
"versionEndExcluding": "7.4.3.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default configuration does not sanitize blog entries of JavaScript, which allows remote authenticated users to inject arbitrary web script or HTML (XSS) via a crafted payload injected into a blog entry\u2019s content text field."
},
{
"lang": "es",
"value": "En Liferay Portal 7.2.0 a 7.4.3.12 y versiones anteriores no compatibles, y Liferay DXP 7.4 antes de la actualizaci\u00f3n 9, 7.3 antes de la actualizaci\u00f3n 4, 7.2 antes del fixpack 19 y versiones anteriores no compatibles, la configuraci\u00f3n predeterminada no sanitiza las entradas del blog de JavaScript , que permite a usuarios remotos autenticados inyectar script web o HTML (XSS) arbitrarios mediante un payload manipulado que se inyecto en el campo de texto de contenido de una entrada de blog."
}
],
"id": "CVE-2024-25610",
"lastModified": "2024-12-11T17:53:18.093",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "security@liferay.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-20T13:15:08.493",
"references": [
{
"source": "security@liferay.com",
"tags": [
"Vendor Advisory"
],
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25610"
}
],
"sourceIdentifier": "security@liferay.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "security@liferay.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…