| CVE-2023-33941 |
unknown |
— |
— |
3y ago |
Cross-site scripting in Liferay Portal |
|
| CVE-2023-33940 |
unknown |
— |
— |
3y ago |
Cross-site scripting in Liferay Portal |
|
| CVE-2023-33939 |
unknown |
— |
— |
3y ago |
Cross-site scripting in Liferay Portal |
|
| CVE-2023-33938 |
unknown |
— |
— |
3y ago |
Cross-site scripting in Liferay Portal |
|
| CVE-2023-33937 |
unknown |
— |
— |
3y ago |
Cross-site scripting in Liferay Portal |
|
| CVE-2023-33942 |
unknown |
— |
— |
3y ago |
Cross-site scripting in Liferay Portal |
|
| CVE-2023-33943 |
unknown |
— |
— |
3y ago |
Cross-site scripting in Liferay Portal |
|
| CVE-2022-42132 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Includes LDAP Credentials in the Page URL |
|
| CVE-2022-42131 |
unknown |
— |
— |
4y ago |
Improper Certificate Validation in Liferay Portal |
|
| CVE-2022-42130 |
unknown |
— |
— |
4y ago |
Incorrect Default Permissions in Liferay Portal |
|
| CVE-2022-42129 |
unknown |
— |
— |
4y ago |
Authorization Bypass in Liferay Portal |
|
| CVE-2022-42128 |
unknown |
— |
— |
4y ago |
Incorrect Default Permissions in Liferay Portal |
|
| CVE-2022-42127 |
unknown |
— |
— |
4y ago |
Incorrect Default Permissions in Liferay Portal |
|
| CVE-2022-42126 |
unknown |
— |
— |
4y ago |
Missing permissions check in Liferay Portal |
|
| CVE-2022-42125 |
unknown |
— |
— |
4y ago |
Path Traversal in Liferay Portal |
|
| CVE-2022-42124 |
unknown |
— |
— |
4y ago |
Inefficient Regular Expression Complexity in Liferay Portal |
|
| CVE-2022-42123 |
unknown |
— |
— |
4y ago |
Path Traversal in Liferay Portal |
|
| CVE-2022-42122 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to SQL Injection via Friendly URL Module |
|
| CVE-2022-41414 |
unknown |
— |
— |
4y ago |
Liferay Portal Insecure Default Configuration in auth.login.prompt.enabled |
|
| CVE-2022-39975 |
unknown |
— |
— |
4y ago |
Liferay Portal Missing Authorization vulnerability |
|
| CVE-2022-28977 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP HtmlUtil.escapeRedirect Can Be Circumvented |
|
| CVE-2021-33330 |
unknown |
— |
— |
4y ago |
Exposure of Resource to Wrong Sphere in Liferay Portal |
|
| CVE-2021-33335 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Has Company Administrator Accounts Vulnerable to Takeovers |
|
| CVE-2021-33339 |
unknown |
— |
— |
4y ago |
Liferay Portal Fragment Module and Liferay DXP Vulnerable to Cross-Site Scripting |
|
| CVE-2021-33338 |
unknown |
— |
— |
4y ago |
Liferay Portal Layout Module and Liferay DXP Exposes the Cross-Site Request Forgery (CSRF) Token in URLs |
|
| CVE-2021-33336 |
unknown |
— |
— |
4y ago |
Liferay Portal Journal Module and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) |
|
| CVE-2021-35463 |
unknown |
— |
— |
4y ago |
Liferay Portal cross-site scripting (XSS) vulnerability in the Frontend Taglib module |
|
| CVE-2021-33324 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Don't Check Permissions of Pages |
|
| CVE-2021-33321 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP insecure default configuration |
|
| CVE-2021-33328 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Edit Vocabulary Page |
|
| CVE-2021-33325 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Stores User Passwords in Cleartext |
|
| CVE-2021-33331 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Allows Arbitrary Redirect of Users to External URLs |
|
| CVE-2021-33334 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Properly Check User Permissions |
|
| CVE-2021-33333 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Check User Permissions for Workflow Submissions |
|
| CVE-2021-33332 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) |
|
| CVE-2021-29046 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via Asset Module Parameter |
|
| CVE-2021-29044 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via Membership Request Admin Page |
|
| CVE-2021-29053 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Multiple SQL Injections |
|
| CVE-2021-29043 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP May Reveal S3 Store's Proxy Password |
|
| CVE-2021-29045 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via the Redirect's Admin Page |
|
| CVE-2021-29048 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in the Layout Admin Page |
|
| CVE-2021-29052 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Check Permissions |
|
| CVE-2021-29051 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Asset Publisher App |
|
| CVE-2021-29040 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Reveals Data via Overly Verbose Error Messages |
|
| CVE-2021-29047 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Invalidate CAPTCHA Answers After Use |
|
| CVE-2021-29039 |
unknown |
— |
— |
4y ago |
Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via Categories Admin Page |
|
| CVE-2020-25476 |
unknown |
— |
— |
4y ago |
Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via User Name Parameter |
|
| CVE-2020-15840 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Bypass via Double Encoded URL |
|
| CVE-2020-15842 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP have Insecure Deserialization Vulnerability |
|
| CVE-2020-15841 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Potentially Reveal LDAP Server Password via Unsafe Connection |
|
| CVE-2020-13444 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Fails to Sanitize API Data |
|
| CVE-2020-13445 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Arbitrary Code Execution |
|
| CVE-2020-7934 |
unknown |
— |
— |
4y ago |
Liferay Portal Vulnerable to Persistent Cross-Site Scripting (XSS) in MyAccountPortlet |
|
| CVE-2019-16891 |
unknown |
— |
— |
4y ago |
Liferay Portal Allows RCE via Deserialization of a JSON Payload |
|
| CVE-2019-6588 |
unknown |
— |
— |
4y ago |
Liferay Portal Allows Cross-Site Scripting (XSS) via the SimpleCaptcha API |
|
| CVE-2017-1000425 |
unknown |
— |
— |
4y ago |
Liferay Portal XSS vulnerability via movie parameter in the /html/portal/flash.jsp page |
|
| CVE-2022-26595 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP fails to check permissions to view sites/groups |
|
| CVE-2021-38267 |
unknown |
— |
— |
4y ago |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in edit blog entry page |
|
| CVE-2020-24554 |
unknown |
— |
— |
5y ago |
Open Redirect in Liferay Portal |
|