Package impact
Maven / com.liferay.portal:release.dxp.bom
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-4655 | medium | 5.0 | 5.0 | 10mo ago | Liferay Portal and Liferay DXP vulnerable to Server-Side Request Forgery | |
| CVE-2024-26267 | unknown | — | — | 2y ago | Liferay Portal and Liferay DXP HTTP Header Can Expose Versions | |
| CVE-2023-47798 | unknown | — | — | 2y ago | Liferay Portal's account lockout does not invalidate existing user sessions |