Miggo Logo
Miggo Vulnerability Database
CVE-2024-11993

CVE-2024-11993: Liferay Portal and Liferay DXP vulnerable to Cross-site Scripting

6.1

CVSS Score
3.1

Basic Information

CVE ID
CVE-2024-11993
GHSA ID
GHSA-4hxr-28mv-q729
EPSS Score
0.1399%
CWE
CWE-79
Published
12/17/2024
Updated
1/28/2025
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
com.liferay.portal:release.portal.bommaven>= 7.1.0, < 7.4.3.397.4.3.39
com.liferay.portal:release.dxp.bommaven>= 7.1, < 7.4.13.u397.4.13.u39

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper neutralization of the 'Dispatch name' parameter. In Liferay's architecture, portlet dispatching mechanisms (like DispatchPortlet) handle action routing. The processDispatch method would be a logical point where the dispatch name parameter is retrieved from the request and used to generate responses. Without proper context-aware escaping (e.g., HTML entity encoding), this creates an XSS vector. The confidence is medium because while the exact code isn't visible, this pattern matches Liferay's architecture and standard XSS vulnerability patterns in Java web applications.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

R**l**t** *ross-sit* s*riptin* (XSS) vuln*r**ility in Li**r*y Port*l *.*.* t*rou** *.*.*.**, *n* Li**r*y *XP *.* ** t*rou** up**t* **, *.* ** t*rou** up**t* **, *.* ** t*rou** *ix p**k ** *n* *.* ** t*rou** *ix p**k ** *llows r*mot* *tt**k*rs to *x**

Reasoning

T** vuln*r**ility st*ms *rom improp*r n*utr*liz*tion o* t** '*isp*t** n*m*' p*r*m*t*r. In Li**r*y's *r**it**tur*, portl*t *isp*t**in* m****nisms (lik* `*isp*t**Portl*t`) **n*l* **tion routin*. T** `pro**ss*isp*t**` m*t*o* woul* ** * lo*i**l point w**