2 matches found
CVE-2025-43739
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allow any authenticated user to modify the content of emails sent...
com.liferay:com.liferay.calendar.web (>=1.0.0 <=1.0.53), com.liferay:com.liferay.calevent.importer (>=1.0.0 <=1.0.11) potentially affected by CVE-2025-43739 via com.liferay:com.liferay.calendar.service (>=1.0.0 <=2.4.0)
com.liferay:com.liferay.calendar.service MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.11 Source cves: CVE-2025-43739 Source advisory: OSV:GHSA-7MXQ-H2R7-H449...