Liferay DXP

Digital Experience Platform (DXP) is an emerging category of enterprise software seeking to meet the needs of companies undergoing digital transformation with the ultimate goal of providing better customer experiences. DXPs can be a single product but are often a suite of products that work together. DXPs provide an architecture for companies to digitize business operations deliver connected customer experiences and gather actionable customer insight.

Severity Summary:

Critical: 1 High: 22 Medium: 103
Reference
Title
Severity
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
Liferay DXP Insecure Default Initialization of Resource Vulnerability
High
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
Liferay DXP Insufficient Session Expiration Vulnerability
High
Liferay DXP Weak Password Recovery Mechanism for Forgotten Password Vulnerability
High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
Liferay DXP Incorrect Authorization Vulnerability
High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
Liferay DXP Inefficient Regular Expression Complexity Vulnerability
High
Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay DXP Incorrect Authorization Vulnerability
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay DXP Improper Authentication Vulnerability
High
Liferay DXP Deserialization of Untrusted Data Vulnerability
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability
High
Liferay DXP Vulnerability
High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
Liferay DXP Vulnerability
High
Liferay DXP Use of Password Hash With Insufficient Computational Effort Vulnerability
High
Liferay DXP Insufficiently Protected Credentials Vulnerability
High
Liferay DXP Cleartext Storage of Sensitive Information Vulnerability
High
Liferay DXP Other Vulnerability
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
Liferay DXP Vulnerability
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium