Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liferay dxp vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-33333
The Portal Workflow module in Liferay Portal 7.3.2 and previous versions, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19 and 7.2 before fix pack 6, does not properly check user permission, which allows remote authenticated users to view and delete workflow submiss...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
356
VMScore
CVE-2021-33334
The Dynamic Data Mapping module in Liferay Portal 7.0.0 up to and including 7.3.2, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 6, does not properly check user permissions, which allows remote attackers with the forms "Access in Sit...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
383
VMScore
CVE-2021-29051
Cross-site scripting (XSS) vulnerability in the Asset module's Asset Publisher app in Liferay Portal 7.2.1 up to and including 7.3.5, and Liferay DXP 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 allows remote malicious users to inject arbitrary we...
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Dxp 7.3
Liferay Liferay Portal
445
VMScore
CVE-2021-33322
In Liferay Portal 7.3.0 and previous versions, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their password, which allows remote malicious users to change the user’s ...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
356
VMScore
CVE-2021-33325
The Portal Workflow module in Liferay Portal 7.3.2 and previous versions, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in the database if workflow is enabled for user creation, which allows ...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
383
VMScore
CVE-2021-33326
Cross-site scripting (XSS) vulnerability in the Frontend JS module in Liferay Portal 7.3.4 and previous versions, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20 and 7.2 before fix pack 9, allows remote malicious users to inject arbitrary web script or HTML via the...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
312
VMScore
CVE-2021-33328
Cross-site scripting (XSS) vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 up to and including 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote malicious users to inject arbitrary...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
383
VMScore
CVE-2020-15841
Liferay Portal prior to 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote malicious users to obtain the LDAP server's password via the Test LDAP Connection...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
445
VMScore
CVE-2020-15840
In Liferay Portal prior to 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP 7.2, DXP 7.1 and DXP 7.0, the property 'portlet.resource.id.banned.paths.regexp' can be bypassed with doubled encoded URLs.
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal 6.2
Liferay Liferay Portal
NA
CVE-2022-42114
A Cross-site scripting (XSS) vulnerability in the Role module's edit role assignees page in Liferay Portal 7.4.0 up to and including 7.4.3.36, and Liferay DXP 7.4 before update 37 allows remote malicious users to inject arbitrary web script or HTML.
Liferay Dxp 7.4
Liferay Dxp
Liferay Liferay Portal
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »