CVE-2021-29051

EPSS 0.32% · P55 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-29051

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Asset module's Asset Publisher app in Liferay Portal 7.2.1 through 7.3.5, and Liferay DXP 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_XXXXXXXXXXXX_assetEntryId parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Liferay Portal 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Liferay Portal是美国Liferay公司的一套基于J2EE的门户解决方案。该方案使用了EJB以及JMS等技术，并可作为Web发布和共享工作区、企业协作平台、社交网络等。 Liferay Portal 7.2.1版本至7.3.5版本, Liferay DXP 7.1之前版本fix pack 21, 7.2之前版本fix pack 10 and 7.3之前版本fix pack 1 存在安全漏洞，攻击者通过_com_liferay_asset_publisher_web_portlet_AssetP

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-29051

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-29051

请登录查看更多情报信息。

Same Patch Batch · n/a · 2021-05-17 · 51 CVEs total

CVE-2021-23384	5.4 MEDIUM	Open Redirect
CVE-2021-27342		D-Link Router 安全漏洞
CVE-2021-29048		Liferay Enterprise Portal 跨站脚本漏洞
CVE-2021-29046		Liferay Portal和Liferay DXP 跨站脚本漏洞
CVE-2021-29045		Liferay Portal 跨站脚本漏洞
CVE-2021-29023		InvoicePlane 安全漏洞
CVE-2021-29024		InvoicePlane 路径遍历漏洞
CVE-2021-3524		Red Hat Ceph Storage 注入漏洞
CVE-2021-29053		Liferay Enterprise Portal SQL注入漏洞
CVE-2021-31727		MalwareFox Anti-Malware 安全漏洞
CVE-2021-31728		MalwareFox Anti-Malware 安全漏洞
CVE-2007-5967		Mozilla 信任管理问题漏洞
CVE-2021-32402		Intelbras Router RF 301K 跨站请求伪造漏洞
CVE-2021-32403		Intelbras Router RF 301K 跨站请求伪造漏洞
CVE-2021-27734		Belden HiOS授权问题漏洞
CVE-2019-14827		Moodle 代码注入漏洞
CVE-2021-33041		vmd 跨站脚本漏洞
CVE-2020-21813		GNU LibreDWG 缓冲区错误漏洞
CVE-2020-21814		GNU LibreDWG 缓冲区错误漏洞
CVE-2020-21816		GNU LibreDWG 缓冲区错误漏洞

Showing top 20 of 51 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-29051

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-29051

I. Basic Information for CVE-2021-29051

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-29051

III. Intelligence Information for CVE-2021-29051

Same Patch Batch · n/a · 2021-05-17 · 51 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-29051

Leave a comment