Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-44310

Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78 and Liferay DXP 7.3 fix pack 1 through update 23 and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page39s quotNamequot text field.