Exposición de Liferay
CMS153
score de exposición
6555
sitios usan
0
en explotación
23
críticos
CVEs
210 resultadosCVE-2025-43809MEDIUMCross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal 7.4.0 through 7.4.3.111, and oldEPSS 0.2%CVE-2025-62258HIGHCSRF vulnerability in Headless API in Liferay Portal 7.4.0 through 7.4.3.107, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through upEPSS 0.2%CVE-2025-43744MEDIUMA stored DOM-based Cross-Site Scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 202EPSS 0.2%CVE-2025-43819MEDIUMA Insufficient Session Expiration vulnerability in the Liferay Portal 7.4.3.121 through 7.3.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4EPSS 0.2%CVE-2025-43798LOWLiferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35 allows a time-based one-time passwEPSS 0.2%CVE-2025-62250MEDIUMImproper Authentication in Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 throEPSS 0.2%CVE-2025-4604MEDIUMThe vulnerable code can bypass the Captcha check in Liferay Portal 7.4.3.80 through 7.4.3.132, and Liferay DXP 2024.Q1.1 through 2024.Q1.19,EPSS 0.1%CVE-2025-43748HIGHInsufficient CSRF protection for omni-administrator users in Liferay Portal 7.0.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.EPSS 0.1%CVE-2025-62262MEDIUMInformation exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported vEPSS 0.1%CVE-2025-62276MEDIUMThe Document Library and the Adaptive Media modules in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DEPSS 0.1%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →