Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2021-29050
- EPSS 0.3%
- Published 20.02.2024 22:15:08
- Last modified 21.11.2024 06:00:35
Cross-Site Request Forgery (CSRF) vulnerability in the terms of use page in Liferay Portal before 7.3.6, and Liferay DXP 7.3 before service pack 1, 7.2 before fix pack 11 allows remote attackers to accept the site's terms of use via social engineerin...
3.5
CVE-2011-1504
- EPSS 0.34%
- Published 07.05.2011 19:55:01
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title.
4.3
CVE-2007-6055
- EPSS 7.64%
- Published 20.11.2007 20:46:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Portal 4.1.0 and 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter. NOTE: this issue reportedly exists because of a regression that foll...