Cross Site Scripting (XSS) Vulnerability in Liferay Commerce Module

CVE-2022-42119 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module. This affects Liferay Portal 7.3.5 through 7.4.2 and Liferay DXP 7.3 before update 8.

Learn more about our Web Application Penetration Testing UK.