3 matches found
PT-2025-44660
Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.3.8 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.10 Liferay DXP versions 2023.Q4.0 through 2023.Q4.10 Description A reflected cross-site scripting XSS issue exists in the Language Override...
PT-2025-18083 · Seppmail · Seppmail
Name of the Vulnerable Software and Affected Versions: SEPPmail versions prior to 12.1.18 Description: The issue allows command injection within the Admin Portal. An authenticated attacker can execute arbitrary code in the context of the user root. Recommendations: For versions prior to 12.1.18,...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the comliferaylayoutadminwebportletGroupPagesPortletbackURL parameter in the SEO configuration process. An attacker can execute arbitrary code by tricking a user into performing actions through crafte...