Liferay Vulnérabilités

Chronologie

Taper

Not Defined	167
Content Management System	1

Produit

Liferay Portal	149
Liferay DXP	132
Liferay Enterprise Portal	7
Liferay Liferay Portal	3
Liferay CMS Portal	1

Contre-mesures

Official Fix	112
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	56

Exploitabilité

High	1
Functional	0
Proof-of-Concept	9
Unproven	0
Not Defined	158

Vecteur d'accès

Not Defined	0
Physical	0
Local	0
Adjacent	8
Network	160

Authentification

Not Defined	0
High	7
Low	110
None	51

Interaction de l'utilisateur

Not Defined	0
Required	108
None	60

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	44
≤5	52
≤6	36
≤7	30
≤8	5
≤9	0
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	2
≤4	44
≤5	52
≤6	38
≤7	27
≤8	4
≤9	1
≤10	0

VulDB

≤1	0
≤2	0
≤3	5
≤4	77
≤5	56
≤6	13
≤7	15
≤8	1
≤9	0
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	7
≤6	15
≤7	19
≤8	6
≤9	4
≤10	2

CNA

≤1	0
≤2	0
≤3	2
≤4	0
≤5	7
≤6	13
≤7	13
≤8	1
≤9	14
≤10	9

Fournisseur

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	52
<2k	103
<5k	13
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	161
<2k	7
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (9): CMS Portal (1), DXP (132), Enterprise Portal (7), Liferay Enterprise Portal (1), Liferay Portal (3), Liferay Portal Enterprise (1), Portal (149), Portal CE (1), portal (1)

Publié	Base	Temp	Vulnérabilité	Prod	Exp	Con	EPSS	CTI	CVE
21/02/2024	6.2	6.2	Liferay Portal/DXP Document cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2023-47795
21/02/2024	6.9	6.8	Liferay Portal/DXP Javascript Style Link cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25147
21/02/2024	6.2	6.2	Liferay Portal/DXP Users Admin Module cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25602
21/02/2024	6.2	6.2	Liferay Portal/DXP Expando Module cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25601
21/02/2024	6.2	6.2	Liferay Portal/DXP Instance Settings for Accounts cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2023-40191
21/02/2024	4.4	4.4	Liferay Portal/DXP Calendar Module cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25151
21/02/2024	6.2	6.2	Liferay Portal/DXP Message Board Widget cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25152
21/02/2024	6.2	6.2	Liferay Portal/DXP DDMForm cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25603
21/02/2024	6.9	6.8	Liferay Portal/DXP Add Assignees to a Role Page cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2023-42496
21/02/2024	6.2	6.2	Liferay Portal/DXP cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26266
21/02/2024	6.9	6.8	Liferay Portal/DXP portlet.js cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26269
21/02/2024	6.9	6.8	Liferay Portal/DXP cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2023-42498
21/02/2024	4.3	4.1	Liferay DXP/Portal cross site request forgery	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2021-29050
21/02/2024	3.1	3.0	Liferay DXP/Portal Password Reminder Page divulgation de l'information	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2021-29038
20/02/2024	6.2	6.2	Liferay Portal/DXP Entry Content Text cross site scripting	Inconnue	Not Defined	Official Fix	0.00043	0.03	CVE-2024-25610
20/02/2024	4.5	4.4	Liferay Portal/DXP divulgation de l'information	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26268
20/02/2024	5.1	5.0	Liferay Portal/DXP Account Settings Page elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00043	0.04	CVE-2024-26270
20/02/2024	5.3	5.2	Liferay Portal/DXP Response Header elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26267
20/02/2024	4.6	4.5	Liferay Portal/DXP Image Uploader Module dénie de service	Inconnue	Not Defined	Official Fix	0.00043	0.03	CVE-2024-26265
20/02/2024	6.0	5.9	Liferay Portal/DXP Java2WsddTask._format XML External Entity	Inconnue	Not Defined	Official Fix	0.00043	0.04	CVE-2024-25606
20/02/2024	5.2	5.1	Liferay Portal/DXP External URL HtmlUtil.escapeRedirect	Inconnue	Not Defined	Official Fix	0.00061	0.02	CVE-2024-25608
20/02/2024	5.6	5.5	Liferay Portal/DXP chiffrement faible	Inconnue	Not Defined	Official Fix	0.00043	0.06	CVE-2024-25607
20/02/2024	5.2	5.1	Liferay Portal/DXP External URL HtmlUtil.escapeRedirect	Inconnue	Not Defined	Official Fix	0.00061	0.02	CVE-2024-25609
20/02/2024	5.4	5.3	Liferay Portal/DXP User/Organizations Section elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25604
20/02/2024	5.3	5.2	Liferay Portal/DXP Journal Module elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00043	0.04	CVE-2024-25605

Liferay Vulnérabilités

Chronologie

Taper

Produit

Contre-mesures

Exploitabilité

Vecteur d'accès

Authentification

Interaction de l'utilisateur

C3BM Index

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

Fournisseur

Research

Exploiter 0 jour

Exploiter aujourd'hui

Exploiter le volume du marché

🔴 CTI Activités

🔒 Login Required

Do you know our Splunk app?