Liferay Portal is a popular Java-based enterprise portal software used by organizations for intranet and extranet applications. This vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an attachment's filename, potentially leading to cross-site scripting (XSS) attacks.