Lucene search
+L

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25478

Malicious code in bioql PyPI...

6.9CVSS6.4AI score0.00199EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.4 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.9CVSS6.2AI score0.00286EPSS
Exploits0References3
OSV
OSV
added 2025/08/21 6:31 p.m.7 views

GHSA-Q2GV-W583-F2VQ Liferay Portal Reflected Cross-Site Scripting Vulnerability via snippet Parameter

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.15, 2025.Q2.0 through 2025.Q2.2 and 2024.Q1.13 through 2024.Q1.19 allows a remote authenticated user to inject JavaScript code via snippet parameter...

6.9CVSS5.7AI score0.00199EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/21 6:20 p.m.10 views

CVE-2025-43737

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8 and 2025.Q1.0 through 2025.Q1.15 allows a remote authenticated user to inject JavaScript code via comliferayjournalwebportletJournalPortletbackURL parameter...

5.1CVSS5.7AI score0.0026EPSS
Exploits0References1
CVE
CVE
added 2025/08/21 4:19 p.m.21 views

CVE-2025-43756

A reflected cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.3.132 and Liferay DXP versions 2025.Q1.0–2025.Q1.15, 2025.Q2.0–2025.Q2.2, and 2024.Q1.13–2024.Q1.19. The issue allows a remote authenticated user to inject JavaScript code through the snippet parameter. Impact is described...

6.9CVSS5.7AI score0.00199EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2025/08/19 7:15 p.m.5 views

CVE-2025-43737

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8 and 2025.Q1.0 through 2025.Q1.15 allows a remote authenticated user to inject JavaScript code via comliferayjournalwebportletJournalPortletbackURL parameter...

5.4CVSS0.0026EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/19 6:13 p.m.12 views

CVE-2025-43737

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8 and 2025.Q1.0 through 2025.Q1.15 allows a remote authenticated user to inject JavaScript code via comliferayjournalwebportletJournalPortletbackURL parameter...

5.1CVSS0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.8 views

PT-2025-33824 · Liferay · Liferay Portal 7.4.3.132 +4

Name of the Vulnerable Software and Affected Versions: Liferay Portal version 7.4.3.132 Liferay DXP versions 2025.Q2.0 through 2025.Q2.8 Liferay DXP versions 2025.Q1.0 through 2025.Q1.15 Description: A reflected cross-site scripting XSS vulnerability exists that allows a remote authenticated user...

5.1CVSS5.6AI score0.0026EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/08/18 12:6 p.m.12 views

CVE-2025-43733

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user...

2.3CVSS0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/18 12:6 p.m.3 views

CVE-2025-43733

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user...

2.3CVSS5.7AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.5 views

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.9CVSS6.5AI score0.00199EPSS
Exploits0References2
Rows per page
Query Builder