Liferay Portal

Liferay Portal is the worlds leading enterprise open source portal framework offering integrated Web publishing and content management an enterprise service bus and service-oriented architecture and compatibility with all major IT infrastructure.

Severity Summary:

Critical: 3 High: 35 Medium: 136 Low: 2
Reference
Title
Severity
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
Liferay Portal Deserialization of Untrusted Data Vulnerability
Critical
Liferay Portal Vulnerability
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
Liferay Portal Missing Authorization Vulnerability
High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability
High
Liferay Portal Insecure Default Initialization of Resource Vulnerability
High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability
High
Liferay Portal Incorrect Authorization Vulnerability
High
Liferay Portal Weak Password Recovery Mechanism for Forgotten Password Vulnerability
High
Liferay Portal Insufficient Session Expiration Vulnerability
High
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay Portal Deserialization of Untrusted Data Vulnerability
High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
Liferay Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
Liferay Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
Liferay Portal Deserialization of Untrusted Data Vulnerability
High
Liferay Portal Vulnerability
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay Portal Incorrect Authorization Vulnerability
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay Portal Use of Password Hash With Insufficient Computational Effort Vulnerability
High
Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High