Liferay

Dxp

154 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.1

CVE-2025-43738

  • EPSS 0.19%
  • Published 19.08.2025 15:50:08
  • Last modified 20.08.2025 14:40:17

A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 throug...

5.3

CVE-2025-43739

  • EPSS 0.06%
  • Published 19.08.2025 13:54:33
  • Last modified 20.08.2025 14:40:17

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allow any authenti...

4.6

CVE-2025-43740

  • EPSS 0.2%
  • Published 19.08.2025 13:03:48
  • Last modified 19.08.2025 13:42:47

A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.3.120 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 202...

6.9

CVE-2025-43731

  • EPSS 0.24%
  • Published 18.08.2025 18:20:16
  • Last modified 18.08.2025 20:16:28

A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 throug...

2

CVE-2025-3639

  • EPSS 0.03%
  • Published 18.08.2025 16:48:41
  • Last modified 18.08.2025 20:16:28

Liferay Portal 7.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 and 7.3 GA through upda...

4.8

CVE-2025-43732

  • EPSS 0.06%
  • Published 18.08.2025 13:20:46
  • Last modified 18.08.2025 20:16:28

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to ...

2.3

CVE-2025-43733

  • EPSS 0.22%
  • Published 18.08.2025 12:06:07
  • Last modified 18.08.2025 20:16:28

A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious paylo...

5.1

CVE-2025-43734

  • EPSS 0.24%
  • Published 12.08.2025 18:51:55
  • Last modified 13.08.2025 17:33:46

A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 throu...

6.9

CVE-2025-43735

  • EPSS 0.07%
  • Published 12.08.2025 12:19:09
  • Last modified 12.08.2025 14:25:33

A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA throu...

6.9

CVE-2025-43736

  • EPSS 0.06%
  • Published 12.08.2025 11:15:26
  • Last modified 12.08.2025 14:25:33

A Denial Of Service via File Upload (DOS) vulnerability in the Liferay Portal 7.4.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 t...