Exposição de Liferay
CMS153
score de exposição
6.555
sites usam
0
em exploração
23
críticos
CVEs
210 resultadosCVE-2025-3594HIGHPath traversal vulnerability with the downloading and installation of Xuggler in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GEPSS 0.6%CVE-2024-25144MEDIUMThe IFrame widget in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versions, and Liferay DXP 7.4 before update 27, 7.3 beforeEPSS 0.6%CVE-2024-25145CRITICALStored cross-site scripting (XSS) vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, anEPSS 0.6%CVE-2024-26266CRITICALMultiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.2.0 through 7.4.3.13, and older unsupported versions, and LifEPSS 0.6%CVE-2024-25152CRITICALStored cross-site scripting (XSS) vulnerability in Message Board widget in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versionEPSS 0.6%CVE-2024-25603CRITICALStored cross-site scripting (XSS) vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and olEPSS 0.6%CVE-2024-25601CRITICALStored cross-site scripting (XSS) vulnerability in Expando module's geolocation custom fields in Liferay Portal 7.2.0 through 7.4.2, and oldEPSS 0.6%CVE-2024-25147CRITICALCross-site scripting (XSS) vulnerability in HtmlUtil.escapeJsLink in Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, andEPSS 0.6%CVE-2024-26269CRITICALCross-site scripting (XSS) vulnerability in the Frontend JS module's portlet.js in Liferay Portal 7.2.0 through 7.4.3.37, and Liferay DXP 7.EPSS 0.6%CVE-2023-33945MEDIUMSQL injection vulnerability in the upgrade process for SQL Server in Liferay Portal 7.3.1 through 7.4.3.17, and Liferay DXP 7.3 before updatEPSS 0.6%CVE-2025-4576MEDIUMA reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.133, and Liferay DXP 2025.Q1.0 through 2025.QEPSS 0.5%CVE-2024-25148MEDIUMIn Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, anEPSS 0.5%CVE-2023-33942MEDIUMCross-site scripting (XSS) vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and LiferaEPSS 0.5%CVE-2023-33944MEDIUMCross-site scripting (XSS) vulnerability in Layout module in Liferay Portal 7.3.4 through 7.4.3.68, and Liferay DXP 7.3 before update 24, anEPSS 0.5%CVE-2023-33940MEDIUMCross-site scripting (XSS) vulnerability in IFrame type Remote Apps in Liferay Portal 7.4.0 through 7.4.3.30, and Liferay DXP 7.4 before updEPSS 0.5%CVE-2024-26267MEDIUMIn Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP 7.4 before update 26, 7.3 before update 5, 7.2 befEPSS 0.5%CVE-2024-26268MEDIUMUser enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versions, and Liferay DXP 7.4 before update 2EPSS 0.5%CVE-2023-33939MEDIUMCross-site scripting (XSS) vulnerability in the Modified Facet widget in Liferay Portal 7.1.0 through 7.4.3.12, and Liferay DXP 7.1 before fEPSS 0.5%CVE-2023-33938MEDIUMCross-site scripting (XSS) vulnerability in the App Builder module's custom object details page in Liferay Portal 7.3.0 through 7.4.0, and LEPSS 0.5%CVE-2024-25610CRITICALIn Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 befoEPSS 0.5%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →