Cross-site Request Forgery (CSRF)
Overview: com.liferay.portal:portal-impl is a Portal Impl. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the orderUuid parameter in the server license registration process. An attacker can register a server license without authorization by tricking an...
com.liferay.maven.plugins:liferay-maven-plugin (>=6.0.2 <=6.0.6), com.liferay.portal:util-taglib (>=6.0.2 <=6.0.6) +3 more potentially affected by CVE-2025-43809 via com.liferay.portal:portal-impl (>=6.0.2 <=6.0.6)
com.liferay.portal:portal-impl MAVEN version =6.0.2, =6.0.2, =6.0.2, =2.4, =1.0, =2.0, =2.5 Source cves: CVE-2025-43809 Source advisory: SNYK:JAVA-COMLIFERAYPORTAL-13003719...
Use of Default Credentials
Overview: com.liferay.portal:com.liferay.portal.impl is a package that is part of Liferay. Affected versions of this package are vulnerable to Use of Default Credentials because the API does not restrict access before a user has changed their initial password. An attacker can gain unauthorized access and...
br.com.thiagomoreira.liferay.plugins.fix-virtual-host-app:fix-virtual-host-hook (=5.0.0), com.liferay.portal:com.liferay.portal.impl (>=10.0.0 <=108.0.0) +4 more potentially affected by CVE-2025-43792 via com.liferay.portal:com.liferay.portal.kernel (>=100.0.0 <=12.1.0)
com.liferay.portal:com.liferay.portal.kernel MAVEN version =100.0.0, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =12.1.0 Source cves: CVE-2025-43792 Source advisory: OSV:GHSA-VP64-77C6-33H8...
au.com.permeance:liferay-clojure-integration (=0.1), com.liferay.maven.plugins:liferay-maven-plugin (>=6.0.2 <=6.0.6) +6 more potentially affected by CVE-2010-5327 via com.liferay.portal:portal-impl (>=5.2.3 <=6.2.1)
com.liferay.portal:portal-impl MAVEN version =5.2.3, =6.0.2, =6.1.2, =5.2.3, =2.4, =1.0, =2.0, =2.5 Source cves: CVE-2010-5327 Source advisory: OSV:GHSA-97GM-MCV6-CPHM...
Authorization Bypass
portal-impl is vulnerable to authorization bypass. The property portlet.resource.id.banned.paths.regexp can be bypassed with double-encoded URLs...
Remote Code Execution
portal-impl is vulnerable to remote code execution. The template API does not properly restrict user access to template objects, allowing an attacker to execute arbitrary code on the system using malicious FreeMarker and Velocity templates...
Unauthorized User Deletion
portal-impl is vulnerable to unauthorized user deletion. Any unregistered or registered user can delete other users from the portal if they know the email address of the target user and manage to construct a URL for it...
Information Disclosure
portal-impl is vulnerable to information disclosure. The vulnerability exists because the DDMTemplateResourceParser does not properly check whether a template resource is valid...
Arbitrary Code Execution
portal-impl is vulnerable to arbitrary code execution. The library allows untrusted deserialization of serialized data, potentially allowing an attacker to inject arbitrary objects during deserialization which can result in arbitrary code execution...
Authentication Bypass
portal-impl is vulnerable to authentication bypass. The vulnerability exists because the doPost method of TunnelServlet did not properly perform permission checks...
Remote Code Execution (RCE)
portal-impl is vulnerable to remote code execution (RCE). The vulnerability exists because the Velocity and FreeMarker templates did not properly restrict the loading of remote classes...
Unauthorized Access
portal-impl allows unauthorized access. A permissions issue can result in a user holding permissions that the user should not have...
Remote Code Execution (RCE)
portal-impl is vulnerable to remote code execution. The vulnerability exists because it allows untrusted deserialization of other classes through JSONWS (com/liferay/portal/jsonwebservice/JSONWebServiceActionImpl), which may not be permitted by Liferay...
Cross-site Scripting (XSS)
Liferay portal-impl is vulnerable to cross-site scripting (XSS) attacks. The library does not sanitize the portletID field when a portlet is deployed, allowing a malicious user to inject and execute arbitrary web script...