CVE-2023-42627
Vulnerability from cvelistv5
Published
2023-10-17 12:08
Modified
2024-08-02 19:23
Severity ?
Summary
Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, and Liferay DXP 7.3 update 33 and earlier, and 7.4 before update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a (1) Shipping Name, (2) Shipping Phone Number, (3) Shipping Address, (4) Shipping Address 2, (5) Shipping Address 3, (6) Shipping Zip, (7) Shipping City, (8) Shipping Region (9), Shipping Country, (10) Billing Name, (11) Billing Phone Number, (12) Billing Address, (13) Billing Address 2, (14) Billing Address 3, (15) Billing Zip, (16) Billing City, (17) Billing Region, (18) Billing Country, or (19) Region Code.
Impacted products
Vendor Product Version
Liferay Portal Version: 7.3.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:23:39.907Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-42627"
          },
          {
            "tags": [
              "third-party-advisory",
              "exploit",
              "x_transferred"
            ],
            "url": "https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DXP",
          "vendor": "Liferay",
          "versions": [
            {
              "lessThanOrEqual": "7.3.10.*",
              "status": "affected",
              "version": "7.3.10",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "7.4.13.u91",
              "status": "affected",
              "version": "7.4.13",
              "versionType": "maven"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Portal",
          "vendor": "Liferay",
          "versions": [
            {
              "lessThanOrEqual": "7.4.3.91",
              "status": "affected",
              "version": "7.3.5",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Michael Oelke"
        }
      ],
      "datePublic": "2023-10-17T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, and Liferay DXP 7.3 update 33 and earlier, and 7.4 before update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a (1) Shipping Name, (2) Shipping Phone Number, (3) Shipping Address, (4) Shipping Address 2, (5) Shipping Address 3, (6) Shipping Zip, (7) Shipping City, (8) Shipping Region (9), Shipping Country, (10) Billing Name, (11) Billing Phone Number, (12) Billing Address, (13) Billing Address 2, (14) Billing Address 3, (15) Billing Zip, (16) Billing City, (17) Billing Region, (18) Billing Country, or (19) Region Code."
            }
          ],
          "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, and Liferay DXP 7.3 update 33 and earlier, and 7.4 before update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a (1) Shipping Name, (2) Shipping Phone Number, (3) Shipping Address, (4) Shipping Address 2, (5) Shipping Address 3, (6) Shipping Zip, (7) Shipping City, (8) Shipping Region (9), Shipping Country, (10) Billing Name, (11) Billing Phone Number, (12) Billing Address, (13) Billing Address 2, (14) Billing Address 3, (15) Billing Zip, (16) Billing City, (17) Billing Region, (18) Billing Country, or (19) Region Code."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-10T02:28:51.923Z",
        "orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
        "shortName": "Liferay"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-42627"
        },
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
    "assignerShortName": "Liferay",
    "cveId": "CVE-2023-42627",
    "datePublished": "2023-10-17T12:08:22.684Z",
    "dateReserved": "2023-09-12T05:35:42.826Z",
    "dateUpdated": "2024-08-02T19:23:39.907Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-42627\",\"sourceIdentifier\":\"security@liferay.com\",\"published\":\"2023-10-17T13:15:11.677\",\"lastModified\":\"2024-11-21T08:22:50.247\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, and Liferay DXP 7.3 update 33 and earlier, and 7.4 before update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a (1) Shipping Name, (2) Shipping Phone Number, (3) Shipping Address, (4) Shipping Address 2, (5) Shipping Address 3, (6) Shipping Zip, (7) Shipping City, (8) Shipping Region (9), Shipping Country, (10) Billing Name, (11) Billing Phone Number, (12) Billing Address, (13) Billing Address 2, (14) Billing Address 3, (15) Billing Zip, (16) Billing City, (17) Billing Region, (18) Billing Country, or (19) Region Code.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de Cross-Site Scripting (XSS) almacenados en el m\u00f3dulo Commerce en Liferay Portal 7.3.5 hasta 7.4.3.91, y Liferay DXP 7.3 actualizaci\u00f3n 33 y anteriores, y 7.4 antes de la actualizaci\u00f3n 92 permiten a atacantes remotos inyectar scripts web o HTML arbitrarios mediante un payload manipulado inyectado en (1) Nombre de Env\u00edo, (2) N\u00famero de Tel\u00e9fono de Env\u00edo, (3) Direcci\u00f3n de Env\u00edo, (4) Direcci\u00f3n de Env\u00edo 2, (5) Direcci\u00f3n de Env\u00edo 3, (6) C\u00f3digo Postal de Env\u00edo, (7) Ciudad de Env\u00edo , (8) Regi\u00f3n de Env\u00edo (9), Pa\u00eds de Env\u00edo, (10) Nombre de Facturaci\u00f3n, (11) N\u00famero de Tel\u00e9fono de Facturaci\u00f3n, (12) Direcci\u00f3n de Facturaci\u00f3n, (13) Direcci\u00f3n de Facturaci\u00f3n 2, (14) Direcci\u00f3n de Facturaci\u00f3n 3, (15) Facturaci\u00f3n C\u00f3digo Postal, (16) Ciudad de Facturaci\u00f3n, (17) Regi\u00f3n de Facturaci\u00f3n, (18) Pa\u00eds de Facturaci\u00f3n o (19) C\u00f3digo de Regi\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@liferay.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":9.6,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security@liferay.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F6A98ED-E694-4F39-95D0-C152BD1EC115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CD6861A-D546-462F-8B22-FA76A4AF8A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"324BB977-5AAC-4367-98FC-605FF4997B3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.3:update14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E84D881-6D47-48FD-B743-9D531F5F7D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96E84DBC-C740-4E23-8D1D-83C8AE49813E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B1B2384-764F-43CC-8206-36DCBE9DDCBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"22B6B8C1-1FF3-41BC-9576-16193AE20CC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D07DB20-9DCF-4C05-99D2-F6B37A082C14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AB71307-7EAA-436A-9CBC-5A94F034FB48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B256485-E289-4092-B45B-835DE12625B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*\",\"matchCriteriaId\":\"67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6FF5AB-B6E4-45D9-854B-29DEC200DA4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*\",\"matchCriteriaId\":\"365F28B6-DBF2-45BB-A06D-DD80CFBAD7BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*\",\"matchCriteriaId\":\"960F3F22-9CC8-4655-9B09-777E5A5A1239\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E325115-EEBC-41F4-8606-45270DA40B98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*\",\"matchCriteriaId\":\"294D8A56-A797-433C-A06E-106B2179151A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*\",\"matchCriteriaId\":\"824D88D9-4645-4CAD-8CAB-30F27DD388C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6E8C952-B455-46E4-AC3D-D38CAF189F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD77C0EE-AC79-4443-A502-C1E02F806911\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*\",\"matchCriteriaId\":\"648EB53C-7A90-4DA6-BF1C-B5336CDE30C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*\",\"matchCriteriaId\":\"39835EF7-8E93-4695-973D-6E9B76C67372\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.5\",\"versionEndExcluding\":\"7.4.3.92\",\"matchCriteriaId\":\"CBB14237-26BD-48B6-9FE6-3CBC8DB49A0D\"}]}]}],\"references\":[{\"url\":\"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-42627\",\"source\":\"security@liferay.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/\",\"source\":\"security@liferay.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-42627\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.