Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/18 3:4 p.m.7 views

CVE-2025-3526

SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to...

8.7CVSS6.7AI score0.00476EPSS
Exploits0References1
CVE
CVE
added 2025/06/16 2:18 p.m.40 views

CVE-2025-3526

CVE-2025-3526 affects Liferay Portal and Liferay DXP: SessionClicks allows unrestricted saving of HTTP session parameters, causing memory exhaustion and DoS. Affected: Liferay Portal 7.0.0–7.4.3.21; Liferay DXP 7.4 GA–update 9; Liferay Portal 7.3 GA–update 25; older unsupported versions. Root cau...

8.7CVSS7.3AI score0.00476EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/06/16 2:18 p.m.5 views

CVE-2025-3526

SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to...

8.7CVSS6.7AI score0.00476EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/16 2:18 p.m.16 views

CVE-2025-3526

SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to...

8.7CVSS0.00476EPSS
Exploits0References1
Rows per page
Query Builder