| Title | Published | Views | Reporter |
|---|---|---|---|
| Exploit for CVE-2025-3639 | 13 Sep 2025 03:09 | – | githubexploit |
| CVE-2025-3639 | 17 Sep 2025 21:02 | – | circl |
| CVE-2025-43737 | 19 Aug 2025 20:28 | – | circl |
| CVE-2025-43738 | 19 Aug 2025 16:06 | – | circl |
| CVE-2025-43739 | 19 Aug 2025 14:10 | – | circl |
| CVE-2025-43740 | 19 Aug 2025 14:18 | – | circl |
| CVE-2025-43744 | 19 Aug 2025 20:07 | – | circl |
| CVE-2025-43745 | 19 Aug 2025 20:43 | – | circl |
| CVE-2025-43746 | 20 Aug 2025 20:23 | – | circl |
| CVE-2025-43757 | 21 Aug 2025 00:38 | – | circl |
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
# Registration branch (standard NASL layout): when the engine loads the
# plugin in description mode this block publishes the metadata and the
# exit(0) at its end keeps the version check below from running.
if (description)
{
script_id(245205);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/21");
# Every CVE that an affected version is reported against. Only three of
# the sixteen (CVE-2025-4576, CVE-2025-4604, CVE-2025-43739) are described
# in the description text below; the others are reported by ID only, so
# analysts triaging a hit must read the vendor advisories for them.
# NOTE(review): the page this plugin was captured from lists a public
# GitHub exploit entry for CVE-2025-3639 -- worth confirming when
# prioritising.
script_cve_id(
"CVE-2025-3639",
"CVE-2025-4576",
"CVE-2025-4604",
"CVE-2025-43737",
"CVE-2025-43738",
"CVE-2025-43739",
"CVE-2025-43740",
"CVE-2025-43744",
"CVE-2025-43745",
"CVE-2025-43746",
"CVE-2025-43757",
"CVE-2025-43773",
"CVE-2025-43776",
"CVE-2025-43777",
"CVE-2025-43778",
"CVE-2025-43787"
);
# IAVA cross-references covering this batch of advisories.
script_xref(name:"IAVA", value:"2025-A-0568-S");
script_xref(name:"IAVA", value:"2025-A-0622-S");
script_xref(name:"IAVA", value:"2025-A-0637-S");
script_xref(name:"IAVA", value:"2025-A-0678-S");
script_name(english:"Liferay Portal 7.4.0.x <= 7.4.3.132 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a security update.");
# The affected range quoted here ("7.4.x <= 7.4.3.132") must stay in sync
# with the constraints list at the bottom of the file. The '<=' wording
# assumes vcf treats max_version as inclusive -- NOTE(review): confirm
# against vcf.inc if the range is ever adjusted.
# The closing sentence is the operational caveat: this is a version-string
# comparison only. A hotfixed build that still reports 7.4.3.132 or lower
# would be flagged, and nothing here probes for the XSS, captcha-bypass or
# calendar-mail issues themselves.
script_set_attribute(attribute:"description", value:
"The version of Liferay Portal installed on the remote host is 7.4.x <= 7.4.3.132. It is, therefore, affected by
multiple vulnerabilities:
- A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal allows an remote non-authenticated attacker
to inject JavaScript into the modules/apps/blogs/blogs-web/src/main/resources/META-INF/resources/blogs/entry_cover_image_caption.jsp
(CVE-2025-4576)
- The vulnerable code can bypass the Captcha check in Liferay Portal and then attackers can run scripts in the Gogo shell.
(CVE-2025-4604)
- Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 through
2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and
7.4 GA through update 92 allow any authenticated user to modify the content of emails sent through the
calendar portlet, allowing an attacker to send phishing emails to any other user in the same
organization. (CVE-2025-43739)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# Each see_also value is a nessus.org short link; the comment directly
# above it records the liferay.dev advisory it resolves to. Only seven of
# the sixteen CVEs have a reference here.
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43773
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4fbb79d6");
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-4576
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8481a8c9");
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-4604
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f35fe72d");
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-3639-1?p_r_p_assetEntryId=123548599&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D123548599%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4d649bff");
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43740
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?597f26f4");
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43739
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d7ceb0f3");
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43738
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f9c16a4d");
# No fixed Liferay Portal 7.4.3.x build is named anywhere in this plugin
# (the constraints comment at the bottom says the advisory only reports a
# fix on the master branch), hence the generic solution text.
script_set_attribute(attribute:"solution", value:
"Upgrade Liferay Portal based upon the guidance specified in the advisory.");
# The scores come from CVE-2025-4604 (cvss_score_source below): note the
# vectors encode an authenticated (Au:S / PR:L), high-complexity (AC:H)
# issue. They do NOT reflect the unauthenticated reflected XSS
# (CVE-2025-4576) described above, so do not triage the whole finding off
# these numbers alone.
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:P/A:N");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-4604");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/05/12");
script_set_attribute(attribute:"patch_publication_date", value:"2025/05/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/07");
# 'remote': the finding is derived from the web-facing detection plugin
# named in script_dependencies, not from local package data.
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:liferay:liferay_portal");
script_set_attribute(attribute:"stig_severity", value:"II");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_set_attribute(attribute:"enable_cgi_scanning", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
# Needs liferay_detect.nasl to have populated installed_sw/liferay_portal
# first; the plugin is skipped entirely when CGI scanning is disabled.
script_dependencies("liferay_detect.nasl");
script_require_keys("installed_sw/liferay_portal");
script_exclude_keys("Settings/disable_cgi_scanning");
exit(0);
}
include('vcf.inc');
# Version-only check: the Liferay Portal version recorded by the detection
# plugin is compared against the affected range. No request is sent to
# exercise any of the listed CVEs, so the result is only as trustworthy as
# the self-reported version string.
var app = vcf::combined_get_app_info(app:'liferay_portal');
# The vendor advisory names no fixed 7.4.3.x release ("fixed on master
# branch"), so the report points at the advisory rather than a version.
# 'xss' is set because CVE-2025-4576 is a reflected XSS.
vcf::check_version_and_report(
  app_info:app,
  constraints:[
    { 'min_version':'7.4.0', 'max_version':'7.4.3.132', 'fixed_display':'See vendor advisory' }
  ],
  severity:SECURITY_WARNING,
  flags:{'xss':TRUE}
);