Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liferay dxp vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2024-25146
Liferay Portal 7.2.0 up to and including 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 18, and older unsupported versions returns with different responses depending on whether a site does not exist or if the user does not ha...
Liferay Dxp 7.2
Liferay Dxp 7.3
Liferay Liferay Portal
8.1
CVSSv3
CVE-2024-25148
In Liferay Portal 7.2.0 up to and including 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the `doAsUserId` URL parameter may get leaked when creating linked content using the WYSIWYG editor...
Liferay Dxp 7.2
Liferay Dxp 7.3
Liferay Liferay Portal
5.4
CVSSv3
CVE-2022-42111
A Cross-site scripting (XSS) vulnerability in the Sharing module's user notification in Liferay Portal 7.2.1 up to and including 7.4.2, and Liferay DXP 7.2 before fix pack 19, and 7.3 before update 4 allows remote malicious users to inject arbitrary web script or HTML by sha...
Liferay Liferay Portal
Liferay Dxp 7.2
Liferay Dxp 7.3
9.8
CVSSv3
CVE-2022-42120
A SQL injection vulnerability in the Fragment module in Liferay Portal 7.3.3 up to and including 7.4.3.16, and Liferay DXP 7.3 before update 4, and 7.4 before update 17 allows malicious users to execute arbitrary SQL commands via a PortletPreferences' `namespace` attribute.
Liferay Dxp 7.3
Liferay Liferay Portal
Liferay Dxp 7.4
7.5
CVSSv3
CVE-2021-33323
The Dynamic Data Mapping module in Liferay Portal 7.1.0 up to and including 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote malicious users to view the autosaved values by viewing the f...
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
4.3
CVSSv3
CVE-2021-33324
The Layout module in Liferay Portal 7.1.0 up to and including 7.3.1, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 5, does not properly check permission of pages, which allows remote authenticated users without view permission of a page to view the page via a si...
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
6.1
CVSSv3
CVE-2021-33332
Cross-site scripting (XSS) vulnerability in the Portlet Configuration module in Liferay Portal 7.1.0 up to and including 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, allows remote malicious users to inject arbitrary web script or HTML via the _com_lif...
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
7.2
CVSSv3
CVE-2021-33335
Privilege escalation vulnerability in Liferay Portal 7.0.3 up to and including 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9 allows remote authenticated users with permission to update/edit users to take over a company administrator user account by edit...
Liferay Dxp 7.2
Liferay Dxp 7.1
Liferay Liferay Portal
5.4
CVSSv3
CVE-2021-33336
Cross-site scripting (XSS) vulnerability in the Journal module's add article menu in Liferay Portal 7.3.0 up to and including 7.3.3, and Liferay DXP 7.1 fix pack 18, and 7.2 fix pack 5 through 7, allows remote malicious users to inject arbitrary web script or HTML via the _c...
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
6.1
CVSSv3
CVE-2021-33337
Cross-site scripting (XSS) vulnerability in the Document Library module's add document menu in Liferay Portal 7.3.0 up to and including 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote malicious users to inject arbitrary web script or H...
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Liferay Portal
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »