
Critical XSS vulnerability in Liferay portal

Reference: 
Advisory #2023-126
Version: 
1.0
Affected software: 
Liferay DXP 7.3 before update 33
Liferay DXP 7.4 before update 92
Liferay Portal 7.3.5 through 7.4.3.91
Type: 
Cross-Site Scripting (XSS)
CVE/CVSS: 
CVE-2023-42627 / 9.6 Critical (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)

Sources

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publis...

Risks

This XSS vulnerability, which affects the Commerce module in Liferay Portal and Liferay DXP, has a HIGH impact on Confidentiality, Integrity, and Availability. No privileges are required to exploit it and the attack complexity is low; as the CVSS vector (UI:R) indicates, exploitation does require that a privileged user open the crafted record.

Description

CVE-2023-42627: Multiple stored Cross-Site Scripting (XSS) vulnerabilities via shipping and billing addresses

Multiple XSS vulnerabilities in the Commerce module in Liferay Portal and Liferay DXP allow remote attackers to inject arbitrary web script or HTML code via a crafted payload stored in a Shipping Name, Shipping Phone Number, Shipping Address, Shipping Zip, Shipping City, Shipping Region, Shipping Country, Billing Name, Billing Phone Number, Billing Address, Billing Zip, Billing City, Billing Region, Billing Country, or Region Code field.

The XSS is triggered when a shop administrator views the customer's address in the shop's administrative web interface, resulting in the execution of the injected script with the permissions of the visiting shop administrator.
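The root cause described above is a stored value rendered into the administrative page without output encoding. The following Python example is added here by the editor and is not Liferay code; it shows the vulnerable rendering pattern beside its hardened form (HTML-escaping every address field at output time) and a triage helper a defender can run over exported address records to spot fields that already contain markup. Field names, the records and the payload string are constructed for the example.

```python
import html
import re

# The address fields the advisory names as injection points for CVE-2023-42627.
# Key names are an assumption for this example, not Liferay's schema.
ADDRESS_FIELDS = [
    "shipping_name", "shipping_phone", "shipping_address", "shipping_zip",
    "shipping_city", "shipping_region", "shipping_country",
    "billing_name", "billing_phone", "billing_address", "billing_zip",
    "billing_city", "billing_region", "billing_country", "region_code",
]


def render_address_unsafe(record):
    """Vulnerable pattern: stored values are concatenated straight into HTML.

    Anything a customer typed into an address field lands in the admin page
    as markup and runs with the administrator's session.
    """
    rows = "".join(
        f"<tr><td>{f}</td><td>{record.get(f, '')}</td></tr>" for f in ADDRESS_FIELDS
    )
    return f"<table>{rows}</table>"


def render_address_safe(record):
    """Hardened pattern: every stored value is HTML-escaped at output time.

    html.escape with quote=True neutralises <, >, &, " and ', so the value is
    displayed as text no matter what was stored.
    """
    rows = "".join(
        f"<tr><td>{f}</td><td>{html.escape(str(record.get(f, '')), quote=True)}</td></tr>"
        for f in ADDRESS_FIELDS
    )
    return f"<table>{rows}</table>"


# Triage heuristic: a tag opener, a javascript: URL or an inline event handler.
# Legitimate postal data should never contain these, so hits warrant review.
MARKUP_RE = re.compile(r"<\s*/?\s*[a-zA-Z]|javascript\s*:|\bon[a-z]+\s*=", re.IGNORECASE)


def find_suspicious_addresses(records):
    """Return (order_id, field, value) for stored address fields that contain markup.

    Useful after patching: the fix escapes on output, but records stored while
    the instance was vulnerable still hold the original payloads.
    """
    hits = []
    for rec in records:
        for f in ADDRESS_FIELDS:
            value = str(rec.get(f, ""))
            if MARKUP_RE.search(value):
                hits.append((rec["order_id"], f, value))
    return hits


# Constructed sample records (not real customer data); 1002 carries a payload.
SAMPLE_RECORDS = [
    {"order_id": 1001, "shipping_name": "Alice Example",
     "shipping_city": "Brussels", "region_code": "BE-BRU"},
    {"order_id": 1002, "shipping_name": "Bob <script>alert(1)</script>",
     "billing_city": "Antwerp"},
]

if __name__ == "__main__":
    print("unsafe:", render_address_unsafe(SAMPLE_RECORDS[1]))
    print("safe:  ", render_address_safe(SAMPLE_RECORDS[1]))
    for order_id, field, value in find_suspicious_addresses(SAMPLE_RECORDS):
        print(f"review order {order_id}: field {field!r} contains markup: {value!r}")
```

Running the script shows the raw `<script>` tag in the unsafe rendering and `&lt;script&gt;` in the hardened one, and the triage helper reports order 1002. The regular expression is deliberately broad; it is meant to shortlist records for a human to inspect, not to serve as an input filter.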

Recommended actions

The Centre for Cyber Security Belgium strongly recommends that system administrators visit Liferay's GitHub repository to download and install the patched version of this software.

References

https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabili...

https://nvd.nist.gov/vuln/detail/CVE-2023-42627