Liferay Vulnerabilità

Sequenza temporale

Genere

Prodotto

Liferay Portal149
Liferay DXP132
Liferay Enterprise Portal7
Liferay Liferay Portal3
Liferay CMS Portal1

Contromisure

Official Fix112
Temporary Fix0
Workaround0
Unavailable0
Not Defined56

Sfruttabilità

High1
Functional0
Proof-of-Concept9
Unproven0
Not Defined158

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent8
Network160

Autenticazione

Not Defined0
High7
Low110
None51

Interazione dell'utente

Not Defined0
Required108
None60

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤444
≤552
≤636
≤730
≤85
≤90
≤101

CVSSv3 Temp

≤10
≤20
≤32
≤444
≤552
≤638
≤727
≤84
≤91
≤100

VulDB

≤10
≤20
≤35
≤477
≤556
≤613
≤715
≤81
≤90
≤101

NVD

≤10
≤20
≤30
≤40
≤57
≤615
≤719
≤86
≤94
≤102

CNA

≤10
≤20
≤32
≤40
≤57
≤613
≤713
≤81
≤914
≤109

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k52
<2k103
<5k13
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k165
<2k3
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (9): CMS Portal (1), DXP (132), Enterprise Portal (7), Liferay Enterprise Portal (1), Liferay Portal (3), Liferay Portal Enterprise (1), Portal (149), Portal CE (1), portal (1)

Data di pubblicazioneBaseTempVulnerabilitàProdSfrConCTIEPSSCVE
21/02/20246.26.2Liferay Portal/DXP Document cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2023-47795
21/02/20246.96.8Liferay Portal/DXP Javascript Style Link cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25147
21/02/20246.26.2Liferay Portal/DXP Users Admin Module cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25602
21/02/20246.26.2Liferay Portal/DXP Expando Module cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25601
21/02/20246.26.2Liferay Portal/DXP Instance Settings for Accounts cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2023-40191
21/02/20244.44.4Liferay Portal/DXP Calendar Module cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25151
21/02/20246.26.2Liferay Portal/DXP Message Board Widget cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25152
21/02/20246.26.2Liferay Portal/DXP DDMForm cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25603
21/02/20246.96.8Liferay Portal/DXP Add Assignees to a Role Page cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2023-42496
21/02/20246.26.2Liferay Portal/DXP cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-26266
21/02/20246.96.8Liferay Portal/DXP portlet.js cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-26269
21/02/20246.96.8Liferay Portal/DXP cross site scriptingSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2023-42498
21/02/20244.34.1Liferay DXP/Portal cross site request forgerySconosciutoNot DefinedOfficial Fix0.020.00043CVE-2021-29050
21/02/20243.13.0Liferay DXP/Portal Password Reminder Page rivelazione di un 'informazioneSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2021-29038
20/02/20246.26.2Liferay Portal/DXP Entry Content Text cross site scriptingSconosciutoNot DefinedOfficial Fix0.030.00043CVE-2024-25610
20/02/20244.54.4Liferay Portal/DXP rivelazione di un 'informazioneSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-26268
20/02/20245.15.0Liferay Portal/DXP Account Settings Page escalazione di privilegiSconosciutoNot DefinedOfficial Fix0.040.00043CVE-2024-26270
20/02/20245.35.2Liferay Portal/DXP Response Header escalazione di privilegiSconosciutoNot DefinedOfficial Fix0.040.00043CVE-2024-26267
20/02/20244.64.5Liferay Portal/DXP Image Uploader Module denial of serviceSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-26265
20/02/20246.05.9Liferay Portal/DXP Java2WsddTask._format XML External EntitySconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25606
20/02/20245.25.1Liferay Portal/DXP External URL HtmlUtil.escapeRedirectSconosciutoNot DefinedOfficial Fix0.020.00061CVE-2024-25608
20/02/20245.65.5Liferay Portal/DXP crittografia deboleSconosciutoNot DefinedOfficial Fix0.060.00043CVE-2024-25607
20/02/20245.25.1Liferay Portal/DXP External URL HtmlUtil.escapeRedirectSconosciutoNot DefinedOfficial Fix0.020.00061CVE-2024-25609
20/02/20245.45.3Liferay Portal/DXP User/Organizations Section escalazione di privilegiSconosciutoNot DefinedOfficial Fix0.020.00043CVE-2024-25604
20/02/20245.35.2Liferay Portal/DXP Journal Module escalazione di privilegiSconosciutoNot DefinedOfficial Fix0.040.00043CVE-2024-25605

143 non vengono visualizzate più voci

Do you need the next level of professionalism?

Upgrade your account now!