Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liferay liferay portal 7.3 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-29044
Cross-site scripting (XSS) vulnerability in the Site module's membership request administration pages in Liferay Portal 7.0.0 up to and including 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 allows re...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Dxp 7.3
Liferay Liferay Portal
5.9
CVSSv3
CVE-2022-42132
The Test LDAP Users functionality in Liferay Portal 7.0.0 up to and including 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and previous versions, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when pag...
Liferay Digital Experience Platform 7.2
Liferay Digital Experience Platform 7.1
Liferay Digital Experience Platform 7.0
Liferay Digital Experience Platform 7.3
Liferay Digital Experience Platform 7.4
Liferay Liferay Portal
5.9
CVSSv3
CVE-2021-29043
The Portal Store module in Liferay Portal 7.0.0 up to and including 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S3 store's proxy password, which allows malicious users to steal...
Liferay Dxp 7.0
Liferay Dxp 7.1
Liferay Dxp 7.2
Liferay Dxp 7.3
Liferay Liferay Portal
5.4
CVSSv3
CVE-2024-25145
Stored cross-site scripting (XSS) vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 up to and including 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older u...
Liferay Dxp 7.2
Liferay Dxp 7.3
Liferay Dxp 7.4
Liferay Dxp
Liferay Liferay Portal
5.4
CVSSv3
CVE-2023-42627
Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal 7.3.5 up to and including 7.4.3.91, and Liferay DXP 7.3 update 33 and previous versions, and 7.4 before update 92 allow remote malicious users to inject arbitrary web script or HTM...
Liferay Digital Experience Platform 7.3
Liferay Digital Experience Platform 7.4
Liferay Liferay Portal
5.4
CVSSv3
CVE-2023-42628
Stored cross-site scripting (XSS) vulnerability in the Wiki widget in Liferay Portal 7.1.0 up to and including 7.4.3.87, and Liferay DXP 7.0 fix pack 83 through 102, 7.1 fix pack 28 and previous versions, 7.2 fix pack 20 and previous versions, 7.3 update 33 and previous versions,...
Liferay Digital Experience Platform 7.2
Liferay Digital Experience Platform 7.1
Liferay Digital Experience Platform 7.0
Liferay Digital Experience Platform 7.3
Liferay Digital Experience Platform 7.4
Liferay Liferay Portal
5.4
CVSSv3
CVE-2023-44310
Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 up to and including 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote malicious users to inject arbitrary web script or HTML via a crafted paylo...
Liferay Digital Experience Platform 7.1
Liferay Digital Experience Platform 7.4
Liferay Liferay Portal
5.4
CVSSv3
CVE-2023-33939
Cross-site scripting (XSS) vulnerability in the Modified Facet widget in Liferay Portal 7.1.0 up to and including 7.4.3.12, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 18, 7.3 before update 4, and 7.4 before update 9 allows remote malicious users to inject arbitra...
Liferay Digital Experience Platform 7.2
Liferay Digital Experience Platform 7.1
Liferay Digital Experience Platform 7.3
Liferay Digital Experience Platform 7.4
Liferay Liferay Portal
5.4
CVSSv3
CVE-2022-42111
A Cross-site scripting (XSS) vulnerability in the Sharing module's user notification in Liferay Portal 7.2.1 up to and including 7.4.2, and Liferay DXP 7.2 before fix pack 19, and 7.3 before update 4 allows remote malicious users to inject arbitrary web script or HTML by sha...
Liferay Liferay Portal
Liferay Dxp 7.2
Liferay Dxp 7.3
5.4
CVSSv3
CVE-2022-42119
Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module. This affects Liferay Portal 7.3.5 up to and including 7.4.2 and Liferay DXP 7.3 before update 8.
Liferay Liferay Portal
Liferay Dxp 7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »