← Back to CVE List

CVE-2022-42114

Published: 2022-10-18T21:15Z
Last Modified: 2024-11-21T07:24Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A Cross-site scripting (XSS) vulnerability in the Role module's edit role assignees page in Liferay Portal 7.4.0 through 7.4.3.36, and Liferay DXP 7.4 before update 37 allows remote attackers to inject arbitrary web script or HTML. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt