Liferay Portal Vulnerabilità

Sequenza temporale

L'anno scorso

Versione

7.06
6.0.05
6.0.15
6.0.25
6.0.35

Contromisure

Official Fix109
Temporary Fix0
Workaround0
Unavailable0
Not Defined55

Sfruttabilità

High1
Functional0
Proof-of-Concept9
Unproven0
Not Defined154

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent8
Network156

Autenticazione

Not Defined0
High7
Low107
None50

Interazione dell'utente

Not Defined0
Required105
None59

C3BM Index

L'anno scorso

CVSSv3 Base

≤10
≤20
≤30
≤443
≤550
≤635
≤730
≤85
≤90
≤101

CVSSv3 Temp

≤10
≤20
≤32
≤443
≤550
≤637
≤727
≤84
≤91
≤100

VulDB

≤10
≤20
≤35
≤475
≤555
≤612
≤715
≤81
≤90
≤101

NVD

≤10
≤20
≤30
≤40
≤57
≤614
≤719
≤86
≤94
≤102

CNA

≤10
≤20
≤32
≤40
≤57
≤613
≤712
≤81
≤914
≤109

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k49
<2k102
<5k13
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k155
<2k9
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

L'anno scorso

🔴 CTI Attività

Affected Versions (87): 2.0, 2.1, 3.6, 3.6.1, 4.0, 4.1, 4.1.1, 4.3, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 5, 5.0.1, 5.1, 5.1.1, 5.1.2, 5.2, 5.2.1, 5.2.2, 5.2.3, 6, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.1, 6.1.x Ee, 6.2, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 7.0, 7.1.3, 7.2, 7.2.1, 7.3.4, 7.3.10 SP3, 7.4, 7.4.1, 7.4.2, 7.4.3, 7.4.3.1, 7.4.3.2, 7.4.3.3, 7.4.3.4, 7.4.3.5, 7.4.3.6, 7.4.3.7, 7.4.3.8, 7.4.3.9, 7.4.3.11, 7.4.3.12, 7.4.3.13, 7.4.3.14, 7.4.3.15, 7.4.3.16, 7.4.3.17, 7.4.3.18, 7.4.3.19, 7.4.3.21, 7.4.3.22, 7.4.3.23, 7.4.3.24, 7.4.3.25, 7.4.3.26, 7.4.3.27, 7.4.3.28, 7.4.3.29, 7.4.3.31, 7.4.3.32, 7.4.3.33, 7.4.3.34, 7.4.3.35, 7.4.3.36, 7.4.3.94, 7.4.3.95

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
21/02/20246.26.2Liferay Portal/DXP Document cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-47795
21/02/20246.96.8Liferay Portal/DXP Javascript Style Link cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25147
21/02/20246.26.2Liferay Portal/DXP Users Admin Module cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25602
21/02/20246.26.2Liferay Portal/DXP Expando Module cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25601
21/02/20246.26.2Liferay Portal/DXP Instance Settings for Accounts cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-40191
21/02/20244.44.4Liferay Portal/DXP Calendar Module cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25151
21/02/20246.26.2Liferay Portal/DXP Message Board Widget cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2024-25152
21/02/20246.26.2Liferay Portal/DXP DDMForm cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25603
21/02/20246.96.8Liferay Portal/DXP Add Assignees to a Role Page cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-42496
21/02/20246.26.2Liferay Portal/DXP cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-26266
21/02/20246.96.8Liferay Portal/DXP portlet.js cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-26269
21/02/20246.96.8Liferay Portal/DXP cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-42498
21/02/20244.34.1Liferay DXP/Portal cross site request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2021-29050
21/02/20243.13.0Liferay DXP/Portal Password Reminder Page rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2021-29038
20/02/20246.26.2Liferay Portal/DXP Entry Content Text cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2024-25610
20/02/20244.54.4Liferay Portal/DXP rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-26268
20/02/20245.15.0Liferay Portal/DXP Account Settings Page escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2024-26270
20/02/20245.35.2Liferay Portal/DXP Response Header escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-26267
20/02/20244.64.5Liferay Portal/DXP Image Uploader Module denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2024-26265
20/02/20246.05.9Liferay Portal/DXP Java2WsddTask._format XML External Entity$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2024-25606
20/02/20245.25.1Liferay Portal/DXP External URL HtmlUtil.escapeRedirect$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25608
20/02/20245.65.5Liferay Portal/DXP crittografia debole$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2024-25607
20/02/20245.25.1Liferay Portal/DXP External URL HtmlUtil.escapeRedirect$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25609
20/02/20245.45.3Liferay Portal/DXP User/Organizations Section escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-25604
20/02/20245.35.2Liferay Portal/DXP Journal Module escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2024-25605

139 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 139 results.

altre voci di Liferay

PrecedenteVisione D'insiemeIl prossimo

Interested in the pricing of exploits?

See the underground prices here!