CMS

Liferay Portal

Liferay Portal is the worlds leading enterprise open source portal framework offering integrated Web publishing and content management an enterprise service bus and service-oriented architecture and compatibility with all major IT infrastructure.

Official Site:

https://www.liferay.com/downloads-community

Severity Summary:

Critical: 3 High: 35 Medium: 136 Low: 2

Reference

Title

Severity

CVE-2023-3193

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2023-33938

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2021-38263

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2023-3426

Liferay Portal Missing Authorization Vulnerability

Medium

CVE-2022-28982

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-28980

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-28978

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-28979

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-39975

Liferay Portal Missing Authorization Vulnerability

Medium

CVE-2022-28977

Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability

Medium

CVE-2022-26596

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-41414

Liferay Portal Incorrect Default Permissions Vulnerability

Medium

CVE-2022-25146

Liferay Portal Origin Validation Error Vulnerability

Medium

CVE-2022-42115

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-42116

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-38902

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-26597

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-42111

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2022-26594

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2023-35029

Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability

Medium

CVE-2022-38512

Liferay Portal Missing Authorization Vulnerability

Medium

CVE-2021-29045

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2020-15839

Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability

Medium

CVE-2019-16147

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2021-29051

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2021-29044

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2021-29040

Liferay Portal Generation of Error Message Containing Sensitive Information Vulnerability

Medium

CVE-2020-7934

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2020-15840

Liferay Portal Vulnerability

Medium

CVE-2019-6588

Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium