CVE-2023-44310 Information

Description

Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78 and Liferay DXP 7.3 fix pack 1 through update 23 and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page’s \Name\ text field.

Reference

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-44310