mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
645 lines
28 KiB
JSON
645 lines
28 KiB
JSON
{
|
|
"id": "CVE-2023-42628",
|
|
"sourceIdentifier": "security@liferay.com",
|
|
"published": "2023-10-17T12:15:10.043",
|
|
"lastModified": "2023-12-28T16:13:28.370",
|
|
"vulnStatus": "Analyzed",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Stored cross-site scripting (XSS) vulnerability in the Wiki widget in Liferay Portal 7.1.0 through 7.4.3.87, and Liferay DXP 7.0 fix pack 83 through 102, 7.1 fix pack 28 and earlier, 7.2 fix pack 20 and earlier, 7.3 update 33 and earlier, and 7.4 before update 88 allows remote attackers to inject arbitrary web script or HTML into a parent wiki page via a crafted payload injected into a wiki page's \u2018Content\u2019 text field."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) almacenadas en el widget Wiki en Liferay Portal 7.1.0 a 7.4.3.87 y Liferay DXP 7.0 fixpack 83 a 102, 7.1 fixpack 28 y anteriores, 7.2 fixpack 20 y anteriores, actualizaci\u00f3n 7.3 33 y anteriores, y 7.4 anterior a la actualizaci\u00f3n 88 permite a atacantes remotos inyectar scripts web o HTML arbitrarios en una p\u00e1gina wiki principal a trav\u00e9s de un payload manipulado inyectado en el campo de texto 'Content' de una p\u00e1gina wiki."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "REQUIRED",
|
|
"scope": "CHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.4,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 2.3,
|
|
"impactScore": 2.7
|
|
},
|
|
{
|
|
"source": "security@liferay.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "REQUIRED",
|
|
"scope": "CHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.0,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 2.3,
|
|
"impactScore": 6.0
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "security@liferay.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4614C87F-F39C-4ADD-A7A2-4A498612AD38"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6F20D93D-7FB2-4D5F-9249-4DECDE473C42"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_10:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CF0821E5-B6E5-44E6-9CF7-77EAE982F677"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_11:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1B24B6A1-8439-49D6-8E78-193144F3DCC3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_12:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7E82A6CC-891C-4619-84EA-0DA96E4043C4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*",
|
|
"matchCriteriaId": "70E12054-0DEE-4B92-B8F6-7DC4B2461113"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_15:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE1A8781-6B16-4D37-B556-36B99CBCA9F9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_16:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3EE11B43-1629-4A22-BE88-0AFB2DFC528C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_17:*:*:*:*:*:*",
|
|
"matchCriteriaId": "10FC6F33-C031-40A4-AFAF-B5CF30F79E52"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_18:*:*:*:*:*:*",
|
|
"matchCriteriaId": "99B99578-CACE-47D2-9C1E-A7BBD2B6F6EA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_19:*:*:*:*:*:*",
|
|
"matchCriteriaId": "950D98A8-88EE-4C99-817B-C418071B2819"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F86FF50F-B21A-4B6E-88B8-90D0C042E942"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_20:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE0E1891-6E76-4069-B412-43B5E5379E0C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_21:*:*:*:*:*:*",
|
|
"matchCriteriaId": "404F5FFE-2758-452F-9297-40E0533C6FB2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_22:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3F5B7E72-8D62-464A-AA82-CBE2625C7687"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_23:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4FA67C68-3E8E-4383-967F-A1FA55AE4897"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F220793A-FDAC-48C6-B299-39EB3BC077A6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F095A9E1-5FE1-46C4-B0E1-97F8767439D2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DFD748DD-6FDB-44CD-96BF-026D18CE4207"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4B3C2426-7617-4535-B86A-7F9BA45DFD0E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_29:*:*:*:*:*:*",
|
|
"matchCriteriaId": "88A5CBCE-2BAE-44C7-A7BF-BC30C89839BD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CA6B2500-42E4-4F87-8B93-2F7399B4F611"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*",
|
|
"matchCriteriaId": "28955834-8E02-4558-ABD3-4958DBB41423"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_31:*:*:*:*:*:*",
|
|
"matchCriteriaId": "89B4F926-5018-4C50-9569-A92BEA6364A0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_32:*:*:*:*:*:*",
|
|
"matchCriteriaId": "863C4DBB-9BA2-4A13-8394-08AC500D552A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C4206C84-C4BD-4363-A4CA-EE229CE06319"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_34:*:*:*:*:*:*",
|
|
"matchCriteriaId": "54CA9915-54C2-4E7F-85AF-781CA0A63A9D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4F644864-1056-4A0C-ADD7-A1992A0AC07D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*",
|
|
"matchCriteriaId": "91E9BAE9-CD40-4353-95DB-7D9ADC338F95"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_37:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2A29CA0-66CB-4ED9-87B3-57A1C04F59F8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_38:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2BFC882E-25C2-46A3-A0DA-A779399A3A30"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*",
|
|
"matchCriteriaId": "661E68A2-B365-4962-87CF-CE17A500889F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D4094372-E950-4DE0-86D2-CE7F214FD3A9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A5D28279-002A-4BC7-9396-E47FC842D7AE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C700ED72-4626-48A0-B1BB-E0A7C12D454F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8F473DF1-F70D-4EDB-A011-C8D1C6A21659"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*",
|
|
"matchCriteriaId": "357845C1-3834-465A-B9CA-F9C604AA8242"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DD35964D-4156-45B8-A0AB-282DA9F4FA47"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*",
|
|
"matchCriteriaId": "35656567-EF24-4948-A72A-C754D6E419B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E9A3D95D-4539-432D-B241-376F312534AC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*",
|
|
"matchCriteriaId": "81F329F1-5BB1-42A7-98CE-B0EB5819D60A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5B7111FA-9FD7-4952-AFE1-07D3E14854F3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D35916F1-24AA-4BF3-8B1F-2361C5B815D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0383C4C4-A7BB-418D-9A98-AC4233722961"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AA281A20-7599-446B-9587-118E920403D1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9514E8F5-1D0B-4CDF-BD03-087326F6C252"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*",
|
|
"matchCriteriaId": "78BC7D6C-2A10-4F78-9C41-EA97665C246E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_55:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2C29B11-D87B-4D78-9D42-AD528C811080"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CA9BE427-78D7-4DEE-A174-F3E3675B44A5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C10325C-8670-499B-B003-7D8634539C5D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5F692BEB-5CB1-41EA-B715-64AB0036F6CF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*",
|
|
"matchCriteriaId": "427C4DF5-9039-4CB5-B600-5F965E20D945"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_6:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EDEE4B40-889C-472E-AA91-7E1B4314EE64"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*",
|
|
"matchCriteriaId": "44B7A2A2-5764-4EDB-AA44-25F8508CF128"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*",
|
|
"matchCriteriaId": "55D94917-5360-4179-A017-1287C63A6E6C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_62:*:*:*:*:*:*",
|
|
"matchCriteriaId": "52C5C76D-2572-4ADF-B7E4-7B3444935658"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_63:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9ABFC91A-7A8D-4A08-9464-F534BAA69B4E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D378A23-113D-47AC-9CB5-2658C357FFB4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*",
|
|
"matchCriteriaId": "58FB119E-508C-45F7-8AD8-B67AAAEA53D6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8B3359A5-D39B-4322-8963-B138D791D232"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E11E2FBD-7541-4CE3-8A78-52FB82571547"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3883F470-8D8D-4CB3-BF4A-0C401BDABC83"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_7:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3867FDAA-354E-4D2F-A260-27F31CA44C8A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7E8CEA39-4A7F-4827-91FA-31119201D174"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D3768AC9-A245-4B81-8D1D-9D9C5354245C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*",
|
|
"matchCriteriaId": "71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_74:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3BA69ED9-28FA-40B5-84F9-0FFE40DFC675"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6FF2D31F-8719-41A6-ADD5-15BE9409428E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_77:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE4885B1-F912-4D06-8179-830FC011F3F6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_8:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A89B7EE4-57FD-4B09-841A-ABC9990FF88F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*",
|
|
"matchCriteriaId": "06835B0A-A2DF-44D3-A38F-59E5D5523FFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B746D0CF-76F6-42A1-9056-CA9622DCD806"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "27DF695E-B890-42C2-8941-5BB53154755F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "96E84DBC-C740-4E23-8D1D-83C8AE49813E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*",
|
|
"matchCriteriaId": "22B6B8C1-1FF3-41BC-9576-16193AE20CC7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9D07DB20-9DCF-4C05-99D2-F6B37A082C14"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1AB71307-7EAA-436A-9CBC-5A94F034FB48"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2B256485-E289-4092-B45B-835DE12625B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*",
|
|
"matchCriteriaId": "67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DC6FF5AB-B6E4-45D9-854B-29DEC200DA4D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*",
|
|
"matchCriteriaId": "365F28B6-DBF2-45BB-A06D-DD80CFBAD7BD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*",
|
|
"matchCriteriaId": "960F3F22-9CC8-4655-9B09-777E5A5A1239"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*",
|
|
"matchCriteriaId": "294D8A56-A797-433C-A06E-106B2179151A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*",
|
|
"matchCriteriaId": "824D88D9-4645-4CAD-8CAB-30F27DD388C4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F6E8C952-B455-46E4-AC3D-D38CAF189F60"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CD77C0EE-AC79-4443-A502-C1E02F806911"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*",
|
|
"matchCriteriaId": "648EB53C-7A90-4DA6-BF1C-B5336CDE30C7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*",
|
|
"matchCriteriaId": "39835EF7-8E93-4695-973D-6E9B76C67372"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.1.0",
|
|
"versionEndExcluding": "7.4.3.88",
|
|
"matchCriteriaId": "67C00B28-3F41-49FA-87E0-130F77235C05"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-42628",
|
|
"source": "security@liferay.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/",
|
|
"source": "security@liferay.com",
|
|
"tags": [
|
|
"Exploit",
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |