-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.liferay.portal:release.portal.bom | maven | >= 7.4.3.21, < 7.4.3.63 | 7.4.3.63 |
Miggo AIRoot Cause AnalysisThe vulnerability explicitly affects user-facing fields (First/Middle/Last Name, Job Title) in the Account module. XSS in this context typically occurs when user-controlled input is rendered without proper escaping. While no specific code is provided, Liferay's architecture uses JSPs for rendering user data, and the edit_user.jsp (or similar view templates) would be responsible for displaying these fields. The medium confidence stems from the lack of direct code references, but the pattern matches classic stored XSS vulnerabilities where output encoding is missing in UI templates.
A Semantic Attack on Google Gemini - Read the Latest Research