Multiple Vulnerabilities in LifeRay products

Release Date: 27-10-2023 21:03:37

Multiple Vulnerabilities in LifeRay products

History:

26/10/2023 --- v1.0 -- Initial publication

Summary

This security advisory addresses multiple vulnerabilities in Liferay Portal and Liferay DXP related to cross-site scripting (XSS) attacks [1]. Users are urged to update their installations to the latest versions as provided in the "Recommendations" section.

Technical Details

The vulnerabilities are described as follows:

CVE-2023-44311 - Reflected XSS with 'code' and 'error' in OAuth2ProviderApplicationRedirect: This vulnerability, with a CVSS score of 9.6, allows remote attackers to inject arbitrary web script or HTML via the code, or error parameter [2].
CVE-2023-42628 - XSS with child wiki pages: This vulnerability, with a CVSS score of 9.0, allows remote attackers to inject arbitrary web script or HTML into a parent wiki page via a crafted payload injected into a wiki page's ‘Content’ text field [3].
CVE-2023-42627 - Multiple stored XSS with shipping & billing address: This vulnerability, with a CVSS score of 9.6, allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into multiple fields in the Commerce module [4].
CVE-2023-42497 - XSS with redirect in export translation: This vulnerability, with a CVSS score of 9.6, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_translation_web_internal_portlet_TranslationPortlet_redirect parameter [5].
CVE-2023-42629 - Stored XSS vulnerability with vocabulary description: This vulnerability, with a CVSS score of 9.0, allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Vocabulary's description text field [6].
CVE-2023-44310 - XSS with page name in Page Tree: This vulnerability, with a CVSS score of 9.0, allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's Name text field.