Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/com.liferay/com.liferay.frontend.js.aui.web@3.0.54
Typemaven
Namespacecom.liferay
Namecom.liferay.frontend.js.aui.web
Version3.0.54
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.0.18
Latest_non_vulnerable_version4.0.18
Affected_by_vulnerabilities
0
url VCID-jarq-qchk-nkc1
vulnerability_id VCID-jarq-qchk-nkc1
summary 
Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Frontend JS module
Cross-site scripting (XSS) vulnerability in the Frontend JS module before version 4.0.18, in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20 and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the title of a modal window.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33326
reference_id
reference_type
scores
0
value 0.00418
scoring_system epss
scoring_elements 0.62127
published_at 2026-06-04T12:55:00Z
1
value 0.00418
scoring_system epss
scoring_elements 0.62184
published_at 2026-06-06T12:55:00Z
2
value 0.00418
scoring_system epss
scoring_elements 0.62176
published_at 2026-06-05T12:55:00Z
3
value 0.00418
scoring_system epss
scoring_elements 0.62175
published_at 2026-06-09T12:55:00Z
4
value 0.00418
scoring_system epss
scoring_elements 0.62158
published_at 2026-06-08T12:55:00Z
5
value 0.00418
scoring_system epss
scoring_elements 0.62174
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33326
1
reference_url https://github.com/liferay/liferay-portal
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal
2
reference_url https://github.com/liferay/liferay-portal/commit/eb0590cea2d899f9e95bdb2e767466b8444aa573
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/eb0590cea2d899f9e95bdb2e767466b8444aa573
3
reference_url https://issues.liferay.com/browse/LPE-17093
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.liferay.com/browse/LPE-17093
4
reference_url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-33326-xss-with-the-title-of-a-modal-window?p_r_p_assetEntryId=121610771&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121610771%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-33326-xss-with-the-title-of-a-modal-window?p_r_p_assetEntryId=121610771&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121610771%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33326
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33326
6
reference_url https://github.com/advisories/GHSA-hgjv-7wjr-qwqp
reference_id GHSA-hgjv-7wjr-qwqp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgjv-7wjr-qwqp
fixed_packages
0
url pkg:maven/com.liferay/com.liferay.frontend.js.aui.web@4.0.18
purl pkg:maven/com.liferay/com.liferay.frontend.js.aui.web@4.0.18
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.js.aui.web@4.0.18
aliases CVE-2021-33326, GHSA-hgjv-7wjr-qwqp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jarq-qchk-nkc1
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.js.aui.web@3.0.54