Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name.Referenceshttps://liferay.dev/w/cve-2022-26597-stored-xss-with-site-name-in-open-graph-integration