Package impact
Maven / com.liferay.portal:com.liferay.portal.kernel
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2020-7961 | unknown | — | 1.5 | 4y ago | Deserialization of Untrusted Data in Liferay Portal | |
| CVE-2025-43792 | unknown | — | — | 9mo ago | Liferay Portal has External Control of System or Configuration Settings | |
| CVE-2025-43793 | unknown | — | — | 9mo ago | Liferay Portal has Improper Validation of Specified Quantity in Input | |
| CVE-2025-43770 | unknown | — | — | 9mo ago | Liferay Portal vulnerable to Reflected XSS with the referer and forward parameter | |
| CVE-2025-3526 | unknown | — | — | 1y ago | Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session | |
| CVE-2024-25607 | unknown | — | — | 2y ago | Liferay Portal defaults to a low work factor for the default password hashing algorithm |