Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Vulnrichment
Vulnrichmentadded 2025/10/27 6:54 p.m.1 views

CVE-2025-62253

Open redirect vulnerability in page administration in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to redire...

6.9CVSS6.7AI score0.0004EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.1 views

PT-2025-44021

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.3 GA through update 35 Liferay Portal versions 7.4.0 through 7.4.3.97 Liferay DXP versions 2023.Q3.1 through 2023.Q3.4 Liferay DXP version 2023.Q4.0 Liferay Portal 7.4 GA through update 92 Description An open redirect...

6.9CVSS6.7AI score0.0004EPSS
Exploits0References3
CVE
CVEadded 2025/08/21 4:40 p.m.12 views

CVE-2025-43755

The CVE-2025-43755 entry describes a Stored Cross-Site Scripting (XSS) vulnerability in Liferay Portal and Liferay DXP. Affected products include Liferay Portal 7.4.0 through 7.4.3.132 and Liferay DXP versions 2025.Q2.0, 2025.Q1.0 through 2025.Q1.13, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through...

5.4CVSS6AI score0.00041EPSS
Exploits0References1Affected Software2
OSV
OSVadded 2023/06/15 5:15 a.m.13 views

CVE-2023-35030

Cross-site request forgery CSRF vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the...

8.8CVSS8AI score0.01433EPSS
Exploits0References1
NVD
NVDadded 2023/06/15 5:15 a.m.11 views

CVE-2023-35030

Cross-site request forgery CSRF vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the...

8.8CVSS8.9AI score0.01433EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/06/15 3:47 a.m.12 views

CVE-2023-3193

Cross-site scripting XSS vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.73, and Liferay DXP 7.4 update 70 through 73 allows remote attackers to inject arbitrary web script or HTML via the comliferaylayoutadminwebportletGroupPagesPortletbackURL...

6.1CVSS6.2AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/06/15 12:0 a.m.2 views

PT-2023-25102 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.70 through 7.4.3.76 Liferay DXP 7.4 update 70 through 76 Description: A cross-site request forgery CSRF issue in the Layout module's SEO configuration allows remote attackers to execute arbitrary code in the...

8.8CVSS8.7AI score0.01433EPSS
Exploits0References6
Rows per page
Query Builder