CVE-2022-42121

🗓️ 15 Nov 2022 00:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 64 Views

SQL injection vulnerability in Liferay Portal 7.1.3 through 7.4.3.4 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before service pack 3, and 7.4 GA allows remote authenticated attackers to execute arbitrary SQL commands via a crafted payload injected into a page template's 'Name' field

Reporter	Title	Published	Views	Family All 11
CNNVD	Liferay Portal和Liferay DXP SQL注入漏洞	14 Nov 202200:00	–	cnnvd
Cvelist	CVE-2022-42121	15 Nov 202200:00	–	cvelist
EUVD	EUVD-2022-45207	3 Oct 202520:07	–	euvd
Github Security Blog	Liferay Portal and Liferay DXP Vulnerable to SQL Injection via the Layout Module	15 Nov 202212:00	–	github
NVD	CVE-2022-42121	15 Nov 202201:15	–	nvd
OSV	CVE-2022-42121	15 Nov 202201:15	–	osv
OSV	GHSA-GXXJ-FHMR-37J9 Liferay Portal and Liferay DXP Vulnerable to SQL Injection via the Layout Module	15 Nov 202212:00	–	osv
Prion	Sql injection	15 Nov 202201:15	–	prion
Positive Technologies	PT-2022-26267 · Liferay · Liferay Dxp +1	15 Nov 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-42121	22 May 202523:45	–	redhatcve

NVD

Node

liferay liferay_portalRange7.1.3–7.4.3.4

Node

liferay digital_experience_platformMatch7.1-

liferay digital_experience_platformMatch7.1fix_pack_1

liferay digital_experience_platformMatch7.1fix_pack_10

liferay digital_experience_platformMatch7.1fix_pack_11

liferay digital_experience_platformMatch7.1fix_pack_12

liferay digital_experience_platformMatch7.1fix_pack_13

liferay digital_experience_platformMatch7.1fix_pack_14

liferay digital_experience_platformMatch7.1fix_pack_15

liferay digital_experience_platformMatch7.1fix_pack_16

liferay digital_experience_platformMatch7.1fix_pack_17

liferay digital_experience_platformMatch7.1fix_pack_18

liferay digital_experience_platformMatch7.1fix_pack_19

liferay digital_experience_platformMatch7.1fix_pack_2

liferay digital_experience_platformMatch7.1fix_pack_20

liferay digital_experience_platformMatch7.1fix_pack_21

liferay digital_experience_platformMatch7.1fix_pack_22

liferay digital_experience_platformMatch7.1fix_pack_23

liferay digital_experience_platformMatch7.1fix_pack_24

liferay digital_experience_platformMatch7.1fix_pack_25

liferay digital_experience_platformMatch7.1fix_pack_3

liferay digital_experience_platformMatch7.1fix_pack_4

liferay digital_experience_platformMatch7.1fix_pack_5

liferay digital_experience_platformMatch7.1fix_pack_6

liferay digital_experience_platformMatch7.1fix_pack_7

liferay digital_experience_platformMatch7.1fix_pack_8

liferay digital_experience_platformMatch7.1fix_pack_9

liferay digital_experience_platformMatch7.2-

liferay digital_experience_platformMatch7.2fix_pack_1

liferay digital_experience_platformMatch7.2fix_pack_10

liferay digital_experience_platformMatch7.2fix_pack_11

liferay digital_experience_platformMatch7.2fix_pack_12

liferay digital_experience_platformMatch7.2fix_pack_13

liferay digital_experience_platformMatch7.2fix_pack_14

liferay digital_experience_platformMatch7.2fix_pack_15

liferay digital_experience_platformMatch7.2fix_pack_2

liferay digital_experience_platformMatch7.2fix_pack_3

liferay digital_experience_platformMatch7.2fix_pack_4

liferay digital_experience_platformMatch7.2fix_pack_5

liferay digital_experience_platformMatch7.2fix_pack_6

liferay digital_experience_platformMatch7.2fix_pack_7

liferay digital_experience_platformMatch7.2fix_pack_8

liferay digital_experience_platformMatch7.2fix_pack_9

liferay dxpMatch7.3-

liferay dxpMatch7.3sp1

liferay dxpMatch7.3sp2

liferay dxpMatch7.4ga1

Node

liferay liferay_portalRange7.1.0–7.4.2

Source	Link
liferay	www.liferay.com/
issues	www.issues.liferay.com/browse/LPE-17414
portal	www.portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42121

05 Sep 2025 18:15Current

8.8High risk

Vulners AI Score8.8

CVSS 3.18.8

EPSS0.00605

SSVC

CWE-89