CVE-2025-43744
- EPSS 0.06%
- Veröffentlicht 19.08.2025 19:34:31
- Zuletzt bearbeitet 20.08.2025 14:40:17
A stored DOM-based Cross-Site Scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.5, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 thr...
CVE-2025-43743
- EPSS 0.19%
- Veröffentlicht 19.08.2025 19:13:39
- Zuletzt bearbeitet 20.08.2025 14:40:17
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows any authent...
CVE-2025-43745
- EPSS 0.07%
- Veröffentlicht 19.08.2025 18:39:25
- Zuletzt bearbeitet 20.08.2025 14:40:17
A CSRF vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.7, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024...
CVE-2025-43737
- EPSS 0.19%
- Veröffentlicht 19.08.2025 18:13:04
- Zuletzt bearbeitet 20.08.2025 14:40:17
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8 and 2025.Q1.0 through 2025.Q1.15 allows a remote authenticated user to inject JavaScript code via _com_liferay_journal_w...
CVE-2025-43738
- EPSS 0.19%
- Veröffentlicht 19.08.2025 15:50:08
- Zuletzt bearbeitet 20.08.2025 14:40:17
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 throug...
CVE-2025-43739
- EPSS 0.06%
- Veröffentlicht 19.08.2025 13:54:33
- Zuletzt bearbeitet 20.08.2025 14:40:17
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allow any authenti...
CVE-2025-43740
- EPSS 0.2%
- Veröffentlicht 19.08.2025 13:03:48
- Zuletzt bearbeitet 19.08.2025 13:42:47
A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.3.120 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 202...
CVE-2025-43731
- EPSS 0.24%
- Veröffentlicht 18.08.2025 18:20:16
- Zuletzt bearbeitet 18.08.2025 20:16:28
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 throug...
- EPSS 0.03%
- Veröffentlicht 18.08.2025 16:48:41
- Zuletzt bearbeitet 18.08.2025 20:16:28
Liferay Portal 7.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 and 7.3 GA through upda...
CVE-2025-43732
- EPSS 0.06%
- Veröffentlicht 18.08.2025 13:20:46
- Zuletzt bearbeitet 18.08.2025 20:16:28
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to ...