| CVE-2021-29044 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via Membership Request Admin Page |
|
| CVE-2021-29053 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Multiple SQL Injections |
|
| CVE-2021-29051 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Asset Publisher App |
|
| CVE-2021-29052 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Check Permissions |
|
| CVE-2021-29047 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Invalidate CAPTCHA Answers After Use |
|
| CVE-2021-29040 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Reveals Data via Overly Verbose Error Messages |
|
| CVE-2021-29041 |
unknown |
— |
— |
4y ago |
Liferay DXP Vulnerable to Denial-of-service (DoS) in the Multi-Factor Authentication Module |
|
| CVE-2020-15840 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Bypass via Double Encoded URL |
|
| CVE-2020-15842 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP have Insecure Deserialization Vulnerability |
|
| CVE-2020-15841 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Potentially Reveal LDAP Server Password via Unsafe Connection |
|
| CVE-2020-13445 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Arbitrary Code Execution |
|
| CVE-2020-13444 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Sanitize API Data |
|
| CVE-2022-26596 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via web content template names |
|
| CVE-2022-26597 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via the site name |
|
| CVE-2022-26595 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP fails to check permissions to view sites/groups |
|
| CVE-2022-26593 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via the name of an asset category |
|
| CVE-2022-26594 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via form field |
|
| CVE-2021-38266 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP fails to properly import users from LDAP |
|
| CVE-2021-38263 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP cross-site scripting (XSS) vulnerability via the script console |
|
| CVE-2021-38267 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in edit blog entry page |
|
| CVE-2021-38269 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in the Gogo Shell module |
|
| CVE-2021-38265 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) |
|
| CVE-2022-25146 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP fails to check origin of event messages |
|
| CVE-2021-38268 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP has incorrect default permissions for site members |
|
| CVE-2020-15839 |
unknown |
— |
— |
4y ago |
Unrestricted Upload of File with Dangerous Type in Liferay Portal and Liferay DXP |
|