Versio.io

CVE-2021-38263

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 03-03-2022 01:15
Last modified: - 13-05-2022 06:03
Total changes: - 5

Description

Cross-site scripting (XSS) vulnerability in the Server module's script console in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 101, 7.1 before fix pack 20 and 7.2 before fix pack 10 allows remote attackers to inject arbitrary web script or HTML via the output of a script.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Low
Attack complexity
Network
Attack vector
None
Availability
Low
Confidentiality
Low
Integrity
None
Privileges required
Changed
Scope
Required
User interaction
6.1
Base score
2.8
2.7
Exploitability score
Impact score
 

Verification logic

OR
OR
vendor=liferay AND product=liferay_portal AND versionEndIncluding=7.3.2
OR
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=-
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_1
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_2
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_3
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_5
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_4
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_6
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_9
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_10
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_11
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=-
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_1
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_12
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_13
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_14
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_15
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_16
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_17
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_18
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_19
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_2
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_3
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_4
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_5
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_7
vendor=liferay AND product=digital_experience_platform AND version=7.1 AND update=fix_pack_8
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_6
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_7
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_8
vendor=liferay AND product=digital_experience_platform AND version=7.2 AND update=fix_pack_9
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=-
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_1
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_10
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_11
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_12
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_13
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_14
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_15
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_16
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_17
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_18
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_19
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_2
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_20
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_21
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_22
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_23
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_24
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_25
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_26
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_27
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_28
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_29
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_3
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_30
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_31
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_32
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_33
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_34
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_35
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_36
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_37
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_38
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_39
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_4
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_5
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_6
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_7
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_8
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_9
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_100
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_40
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_41
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_42
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_43
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_44
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_45
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_46
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_47
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_48
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_49
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_50
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_51
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_52
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_53
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_54
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_55
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_56
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_57
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_58
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_59
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_60
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_61
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_62
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_63
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_64
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_65
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_66
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_67
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_68
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_69
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_70
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_71
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_72
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_73
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_74
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_75
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_76
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_77
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_78
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_79
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_80
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_81
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_82
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_83
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_84
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_85
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_86
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_87
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_88
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_89
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_90
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_91
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_92
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_93
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_94
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_95
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_96
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_97
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_98
vendor=liferay AND product=digital_experience_platform AND version=7.0 AND update=fix_pack_99
 

Reference

 


Keywords

NVD

 

CVE-2021-38263

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.