EUVD-2025-31654

Malicious code in bioql PyPI...

CVE-2025-43815

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the...

Liferay Portal vulnerable to reflected cross-site scripting on the page configuration page

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the...

PT-2025-40052

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the com liferay layout admin web portlet...

CVE-2025-43815

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the...

CVE-2025-43815

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the...

CVE-2025-43815

CVE-2025-43815 is a reflected XSS in Liferay Portal 7.4.3.102–7.4.3.110 and Liferay DXP 2023.Q4.0–2023.Q4.2 (and 2023.Q3.5) exploitable via the com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURLTitle parameter on the page configuration page. The issue allows an attacker to inject arbi...

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

Liferay Portal Security Vulnerability

Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, and more. A security vulnerability exists in Liferay Portal...

PT-2023-30614 · Liferay · Liferay Portal

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.94 through 7.4.3.95 Description: A reflected cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML via the p l back url title parameter on a content page's edit page...