Package impact
Maven / com.liferay.portal:release.portal.bom
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2017-12649 | medium | 6.1 | 6.1 | 9y ago | Liferay Portal Vulnerable to XSS via Mishandled Title or Summary in the Web Content Display | |
| CVE-2017-12648 | medium | 6.1 | 6.1 | 9y ago | Liferay Portal XSS Vulnerability | |
| CVE-2017-12647 | medium | 6.1 | 6.1 | 9y ago | Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title | |
| CVE-2017-12646 | medium | 6.1 | 6.1 | 9y ago | Liferay Portal XSS Vulnerability | |
| CVE-2017-12645 | medium | 6.1 | 6.1 | 9y ago | Liferay Portal Vulnerable to XSS via an Invalid portletId | |
| CVE-2016-10404 | medium | 6.1 | 6.1 | 9y ago | Liferay Portal Vulnerable to XSS via a Crafted Redirect Field | |
| CVE-2025-4655 | medium | 5.0 | 5.0 | 10mo ago | Liferay Portal and Liferay DXP vulnerable to Server-Side Request Forgery |