GHSA-3x83-whxw-pvmg

Suggest an improvement
Source
https://github.com/advisories/GHSA-3x83-whxw-pvmg
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-3x83-whxw-pvmg/GHSA-3x83-whxw-pvmg.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-3x83-whxw-pvmg
Aliases
Published
2022-03-04T00:00:20Z
Modified
2025-07-14T21:57:05.133439Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS)
Details

Liferay Layout Admin Web before 5.0.0 in Liferay Portal v7.3.6 and below and Liferay DXP v7.3 and below were discovered to contain a cross-site scripting (XSS) vulnerability via the comliferayassetlistwebportletAssetListPortlettitle parameter.

Database specific 
{
    "severity": "MODERATE",
    "github_reviewed": true,
    "nvd_published_at": "2022-03-03T00:15:00Z",
    "github_reviewed_at": "2025-07-14T21:33:29Z",
    "cwe_ids": [
        "CWE-79"
    ]
}
References

Affected packages

Maven / com.liferay:com.liferay.layout.admin.web

Package

Name
com.liferay:com.liferay.layout.admin.web
View open source insights on deps.dev
Purl
pkg:maven/com.liferay/com.liferay.layout.admin.web

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.0

Affected versions

1.*

1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.0.9
1.0.10
1.0.11
1.0.12
1.0.13
1.0.14
1.0.15
1.0.16
1.0.17
1.0.18
1.0.19
1.0.20
1.0.21
1.0.22
1.0.23
1.0.24
1.0.25
1.0.26
1.0.27
1.0.28
1.0.29
1.0.30
1.0.31
1.0.32
1.0.33
1.0.34
1.0.35
1.0.36
1.0.37
1.0.38
1.0.39
1.0.40
1.0.41
1.0.42
1.0.43
1.0.44
1.0.45
1.0.46
1.0.47
1.0.48
1.0.49
1.0.50
1.0.51
1.0.52
1.0.53
1.0.54
1.0.55
1.0.56
1.0.57
1.0.58
1.0.59
1.0.60
1.0.61
1.0.62
1.0.63
1.0.64
1.0.65
1.0.66
1.0.67
1.0.68
1.0.69
1.0.70
1.0.71
1.0.72
1.0.73
1.0.74
1.0.75
1.0.76
1.0.77
1.0.78
1.0.79
1.0.80
1.0.81
1.0.82
1.0.83
1.0.84
1.0.85
1.0.86
1.0.87
1.0.88
1.0.89
1.0.90
1.0.91
1.0.92
1.0.93
1.0.94
1.0.95
1.0.96
1.0.97
1.0.98
1.0.99
1.0.100
1.0.101
1.0.102
1.0.103
1.0.104
1.0.105
1.0.106
1.0.107
1.0.108
1.0.109
1.0.110
1.0.111
1.0.112
1.0.113
1.0.114
1.0.115
1.0.116
1.0.117
1.0.118
1.0.119
1.0.120
1.0.121
1.0.122
1.0.123
1.0.124
1.0.125
1.0.126
1.0.127
1.0.128
1.0.129
1.0.130
1.0.131
1.0.132
1.0.133
1.0.134
1.0.135
1.0.136
1.0.137
1.0.138
1.0.139
1.0.140
1.0.141
1.0.142
1.0.143
1.0.144
1.0.145
1.0.146
1.0.147
1.0.148
1.0.149
1.0.150
1.0.151
1.0.152
1.0.153
1.0.154
1.0.155
1.0.156
1.0.157
1.0.158
1.0.159
1.0.160
1.0.161
1.0.162
1.0.163
1.0.164

2.*

2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.0.10
2.0.11
2.0.12
2.0.13
2.0.14
2.0.15
2.0.16
2.0.17
2.0.18
2.0.19
2.0.20
2.0.21
2.0.22
2.0.23
2.0.24
2.0.25
2.0.26
2.0.27
2.0.28
2.0.29
2.0.30
2.0.31
2.0.32
2.0.33
2.0.34
2.0.35
2.0.36
2.0.37
2.0.38
2.0.39
2.0.40
2.0.41
2.0.42
2.0.43
2.0.44
2.0.45
2.0.46
2.0.47
2.0.48
2.0.49
2.0.50
2.0.51
2.0.52
2.0.53
2.0.54
2.0.55
2.0.56
2.0.57
2.0.58
2.0.59
2.0.60
2.0.61
2.0.62
2.0.63
2.0.64
2.0.65
2.0.66
2.0.67
2.0.68
2.0.69
2.0.70
2.0.71
2.0.72
2.0.73
2.0.74
2.0.75
2.0.76
2.0.77
2.0.78
2.0.79
2.0.80
2.0.81
2.0.82
2.0.83
2.0.84
2.0.85
2.0.86
2.0.87
2.0.88
2.0.89
2.0.90
2.0.91
2.0.92
2.0.93
2.0.94
2.0.95
2.0.96
2.0.97
2.0.98
2.0.99
2.0.100
2.0.101
2.0.102
2.0.103
2.0.104
2.0.105
2.0.106
2.0.107
2.0.108
2.0.109
2.0.110
2.0.111
2.0.112
2.0.113
2.0.114
2.0.115
2.0.116
2.0.117
2.0.118
2.0.119
2.0.120
2.0.121
2.0.122
2.0.123
2.0.124
2.0.125
2.0.126
2.0.127
2.0.128
2.0.129
2.0.130
2.0.131
2.0.132
2.0.133
2.0.134
2.0.135
2.0.136
2.0.137
2.0.138
2.0.139
2.0.140
2.0.141
2.0.142
2.0.143
2.0.144
2.0.145
2.0.146
2.0.147
2.0.148
2.0.149
2.0.150
2.0.151
2.0.152
2.0.153
2.0.154
2.0.155
2.0.156
2.0.157
2.0.158
2.0.159
2.0.160
2.0.161
2.0.162
2.0.163
2.0.164
2.0.165
2.0.166
2.0.167
2.0.168
2.0.169
2.0.170
2.0.171
2.0.172
2.0.173
2.0.174
2.0.175
2.0.176
2.0.177
2.0.178
2.0.179
2.0.180
2.0.181
2.0.182
2.0.183
2.0.184
2.0.185
2.0.186

3.*

3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.0.10
3.0.11
3.0.12
3.0.13
3.0.14
3.0.15
3.0.16
3.0.17
3.0.18
3.0.19
3.0.20
3.0.21
3.0.22
3.0.23
3.0.24
3.0.25
3.0.26
3.0.27
3.0.28
3.0.29
3.0.30
3.0.31
3.0.32
3.0.33
3.0.34
3.0.35
3.0.36
3.0.37
3.0.38
3.0.39
3.0.40
3.0.41
3.0.42
3.0.43
3.0.44
3.0.45
3.0.46
3.0.47
3.0.48
3.0.49
3.0.50
3.0.51
3.0.52
3.0.53
3.0.54
3.0.55
3.0.56
3.0.57
3.0.58
3.0.59
3.0.60
3.0.61
3.0.62
3.0.63
3.0.64
3.0.65
3.0.66
3.0.67
3.0.68
3.0.69
3.0.70
3.0.71
3.0.72
3.0.73
3.0.74
3.0.75
3.0.76
3.0.77
3.0.78
3.0.79
3.0.80
3.0.81
3.0.82
3.0.83
3.0.84
3.0.85
3.0.86
3.0.87
3.0.88
3.0.89
3.0.90
3.0.91
3.0.92
3.0.93
3.0.94
3.0.95
3.0.96
3.0.97
3.0.98
3.0.99
3.0.100
3.0.101
3.0.102
3.0.103
3.0.104
3.0.105
3.0.106
3.0.107
3.0.108
3.0.109
3.0.110
3.0.111
3.0.112
3.0.113
3.0.114
3.0.115
3.0.116
3.0.117
3.0.118
3.0.119
3.0.120
3.0.121
3.0.122
3.0.123
3.0.124
3.0.125
3.0.126
3.0.127
3.0.128
3.0.129
3.0.130
3.0.131
3.0.132
3.0.133
3.0.134
3.0.135
3.0.136
3.0.137
3.0.138
3.0.139
3.0.140
3.0.141
3.0.142
3.0.143
3.0.144
3.0.145
3.0.146
3.0.147
3.0.148
3.0.149
3.0.150
3.0.151
3.0.152
3.0.153
3.0.154
3.0.155
3.0.156
3.0.157
3.0.158
3.0.159
3.0.160
3.0.161
3.0.162
3.0.163
3.0.164
3.0.165
3.0.166
3.0.167
3.0.168

4.*

4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.15
4.0.16
4.0.17
4.0.18
4.0.19
4.0.20
4.0.21
4.0.22
4.0.23
4.0.24
4.0.25
4.0.26
4.0.27
4.0.28
4.0.29
4.0.30
4.0.31
4.0.32
4.0.33
4.0.34
4.0.35
4.0.36
4.0.37
4.0.38
4.0.39
4.0.40
4.0.41
4.0.42
4.0.43
4.0.44
4.0.45
4.0.46
4.0.47
4.0.48
4.0.49
4.0.50
4.0.51
4.0.52
4.0.53
4.0.54
4.0.55
4.0.56
4.0.57
4.0.58
4.0.59
4.0.60
4.0.61
4.0.62
4.0.63
4.0.64
4.0.65
4.0.66
4.0.67
4.0.68
4.0.69
4.0.70
4.0.71
4.0.72
4.0.73
4.0.74
4.0.75
4.0.76
4.0.77
4.0.78
4.0.79
4.0.80
4.0.81
4.0.82
4.0.83
4.0.84
4.0.85
4.0.86
4.0.87
4.0.88
4.0.89
4.0.90
4.0.91
4.0.92
4.0.93
4.0.94
4.0.95
4.0.96
4.0.97
4.0.98
4.0.99
4.0.100
4.0.101
4.0.102
4.0.103
4.0.104
4.0.105
4.0.106
4.0.107
4.0.108
4.0.109
4.0.110
4.0.111
4.0.112
4.0.113
4.0.114
4.0.115
4.0.116
4.0.117
4.0.118
4.0.119
4.0.120
4.0.121
4.0.122
4.0.123
4.0.124
4.0.125
4.0.126
4.0.127
4.0.128
4.0.129
4.0.130
4.0.131
4.0.132
4.0.133
4.0.134
4.0.135
4.0.136
4.0.137
4.0.138
4.0.139
4.0.140
4.0.141
4.0.142
4.0.143
4.0.144
4.0.145
4.0.146
4.0.147
4.0.148
4.0.149
4.0.150

Maven / com.liferay.portal:release.dxp.bom

Package

Name
com.liferay.portal:release.dxp.bom
View open source insights on deps.dev
Purl
pkg:maven/com.liferay.portal/release.dxp.bom

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
7.3

Affected versions

7.*

7.0.10.fp60
7.0.10.fp61
7.0.10.fp62
7.0.10.fp63
7.0.10.fp64
7.0.10.fp65
7.0.10.fp66
7.0.10.fp67
7.0.10.fp68
7.0.10.fp69
7.0.10.fp70
7.0.10.fp71
7.0.10.fp72
7.0.10.fp73
7.0.10.fp74
7.0.10.fp75
7.0.10.fp76
7.0.10.fp77
7.0.10.fp78
7.0.10.fp79
7.0.10.fp80
7.0.10.fp81
7.0.10.fp82
7.0.10.fp83
7.0.10.fp84
7.0.10.fp85
7.0.10.fp85-1
7.0.10.fp86
7.0.10.fp86-1
7.0.10.fp87
7.0.10.fp87-1
7.0.10.fp88
7.0.10.fp89
7.0.10.fp90
7.0.10.fp91
7.0.10.fp92
7.0.10.fp94
7.0.10.fp94-1
7.0.10.fp95
7.0.10.fp95-1
7.0.10.fp95-2
7.0.10.fp97
7.0.10.fp98
7.0.10.fp100
7.0.10.fp101
7.0.10.fp102
7.0.10.7
7.0.10.8
7.0.10.9
7.0.10.14
7.0.10.14-1
7.0.10.16
7.0.10.17
7.1.10
7.1.10.fp1
7.1.10.fp2
7.1.10.fp3
7.1.10.fp4
7.1.10.fp5
7.1.10.fp6
7.1.10.fp7
7.1.10.fp8
7.1.10.fp9
7.1.10.fp10
7.1.10.fp11
7.1.10.fp12
7.1.10.fp13
7.1.10.fp14
7.1.10.fp15
7.1.10.fp16
7.1.10.fp17
7.1.10.fp18
7.1.10.fp19
7.1.10.fp20
7.1.10.fp22
7.1.10.fp24
7.1.10.fp25
7.1.10.fp26
7.1.10.fp27
7.1.10.fp28
7.1.10.1
7.1.10.3
7.1.10.4
7.1.10.5
7.1.10.6
7.1.10.7
7.1.10.8
7.2.1
7.2.10
7.2.10.fp1
7.2.10.fp1-1
7.2.10.fp2
7.2.10.fp3
7.2.10.fp4
7.2.10.fp5
7.2.10.fp6
7.2.10.fp7
7.2.10.fp8
7.2.10.fp9
7.2.10.fp10
7.2.10.fp11
7.2.10.fp12
7.2.10.fp13
7.2.10.fp14
7.2.10.fp15
7.2.10.fp16
7.2.10.fp17
7.2.10.fp18
7.2.10.fp19
7.2.10.fp20
7.2.10.1
7.2.10.2
7.2.10.3
7.2.10.3-1
7.2.10.4
7.2.10.4-1
7.2.10.5
7.2.10.5-1
7.2.10.6
7.2.10.7
7.2.10.8