Lucene search
K

9 matches found

Cvelist
Cvelist
added 2025/10/23 1:41 p.m.9 views

CVE-2025-62256

Liferay Portal 7.4.0 through 7.4.3.109, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.7, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly restrict access to OpenAPI in certain circumstances, which allows remote attackers...

6.9CVSS0.00384EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.3 views

Liferay Portal和Liferay DXP 路径遍历漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc.Liferay DXP ...

7.5CVSS6.5AI score0.00508EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 9:33 p.m.4 views

GHSA-RX48-GQC2-4W47 Liferay Portal reflected cross-site scripting (XSS) vulnerability in the google_gaget

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q3.0 through 2025.Q3.2, 2025.Q2.0 through 2025.Q2.12, 2025.Q1.0 through 2025.Q1.17, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13,...

6.9CVSS5.9AI score0.00224EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.8 views

Liferay Portal和Liferay DXP 访问控制错误漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DX...

6.9CVSS6.9AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 9:31 p.m.3 views

GHSA-FHCW-PX4Q-PMVV Liferay Commerce Order Content Web is Vulnerable to Authorization Bypass Through User-Controlled Key

Insecure Direct Object Reference IDOR vulnerability with shipment addresses in Liferay DXP 2023.Q4.1 through 2023.Q4.5 allows remote authenticated users to from one virtual instance to view the shipment addresses of different virtual instance via the...

5.3CVSS6.8AI score0.00249EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.5 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

4.8CVSS6.4AI score0.00258EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.4 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.4CVSS6.4AI score0.0022EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.3 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

9CVSS7.6AI score0.00594EPSS
Exploits0References2
MSRC
MSRC
added 2024/01/30 8:0 a.m.27 views

Congratulations to the Top MSRC 2023 Q4 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q4 Security Researcher Leaderboard are Yuki Chen,...

7.2AI score
Exploits0
Rows per page
Query Builder