| CVE-2021-29043 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP May Reveal S3 Store's Proxy Password |
| CVE-2021-29048 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in the Layout Admin Page |
| CVE-2021-29051 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Asset Publisher App |
| CVE-2021-29052 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Fails to Check Permissions |
| CVE-2021-29041 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay DXP Vulnerable to Denial-of-service (DoS) in the Multi-Factor Authentication Module |
| CVE-2021-29047 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Fails to Invalidate CAPTCHA Answers After Use |
| CVE-2021-29040 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Reveals Data via Overly Verbose Error Messages |
| CVE-2020-15840 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Bypass via Double Encoded URL |
| CVE-2020-15842 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP have Insecure Deserialization Vulnerability |
| CVE-2020-15841 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Potentially Reveal LDAP Server Password via Unsafe Connection |
| CVE-2020-13445 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Vulnerable to Arbitrary Code Execution |
| CVE-2020-13444 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP Fails to Sanitize API Data |
| CVE-2022-26596 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via web content template names |
| CVE-2022-26597 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via the site name |
| CVE-2022-26595 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP fails to check permissions to view sites/groups |
| CVE-2022-26593 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via the name of an asset category |
| CVE-2022-26594 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP allows arbitrary injection via form field |
| CVE-2021-38266 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP fails to properly import users from LDAP |
| CVE-2021-38265 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) |
| CVE-2021-38269 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in the Gogo Shell module |
| CVE-2021-38267 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in edit blog entry page |
| CVE-2021-38263 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP cross-site scripting (XSS) vulnerability via the script console |
| CVE-2022-25146 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP fails to check origin of event messages |
| CVE-2021-38268 |
unknown |
— |
— |
|
|
|
4y ago |
Liferay Portal and Liferay DXP has incorrect default permissions for site members |
| CVE-2020-15839 |
unknown |
— |
— |
|
|
|
4y ago |
Unrestricted Upload of File with Dangerous Type in Liferay Portal and Liferay DXP |
