Liferay Portal@7.1.3 Security Vulnerabilities and Issues — Liferay Portal@7.1.3 CVE List

Lucene search

LiferayLiferay Portal7.1.3

2 matches found

CVE•added 2019/10/04 2:15 p.m.•227 views

CVE-2019-16891

Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.

9.8CVSS9.4AI score0.83825EPSS

CVE•added 2021/01/07 5:15 p.m.•45 views

CVE-2020-25476

Liferay CMS Portal version 7.1.3 and 7.2.1 have a blind persistent cross-site scripting (XSS) vulnerability in the user name parameter to Calendar. An attacker can insert the malicious payload on the username, lastname or surname fields of its own profile, and the malicious payload will be injected...

6.1CVSS6.2AI score0.0045EPSS