Liferay Luki w zabezpieczeniach

Oś czasu

Rodzaj

Not Defined	167
Content Management System	1

Produkt

Liferay Portal	149
Liferay DXP	132
Liferay Enterprise Portal	7
Liferay Liferay Portal	3
Liferay CMS Portal	1

Przeciwdziałanie

Official Fix	112
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	56

Wykorzystywanie

High	1
Functional	0
Proof-of-Concept	9
Unproven	0
Not Defined	158

Wektor dostępu

Not Defined	0
Physical	0
Local	0
Adjacent	8
Network	160

Uwierzytelnianie

Not Defined	0
High	7
Low	110
None	51

Interakcja z użytkownikiem

Not Defined	0
Required	108
None	60

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	44
≤5	52
≤6	36
≤7	30
≤8	5
≤9	0
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	2
≤4	44
≤5	52
≤6	38
≤7	27
≤8	4
≤9	1
≤10	0

VulDB

≤1	0
≤2	0
≤3	5
≤4	77
≤5	56
≤6	13
≤7	15
≤8	1
≤9	0
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	7
≤6	15
≤7	19
≤8	6
≤9	4
≤10	2

CNA

≤1	0
≤2	0
≤3	2
≤4	0
≤5	7
≤6	13
≤7	13
≤8	1
≤9	14
≤10	9

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	52
<2k	103
<5k	13
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	165
<2k	3
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (9): CMS Portal (1), DXP (132), Enterprise Portal (7), Liferay Enterprise Portal (1), Liferay Portal (3), Liferay Portal Enterprise (1), Portal (149), Portal CE (1), portal (1)

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	EPSS	CTI	CVE
2024-02-21	6.2	6.2	Liferay Portal/DXP Document cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2023-47795
2024-02-21	6.9	6.8	Liferay Portal/DXP Javascript Style Link cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25147
2024-02-21	6.2	6.2	Liferay Portal/DXP Users Admin Module cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25602
2024-02-21	6.2	6.2	Liferay Portal/DXP Expando Module cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25601
2024-02-21	6.2	6.2	Liferay Portal/DXP Instance Settings for Accounts cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2023-40191
2024-02-21	4.4	4.4	Liferay Portal/DXP Calendar Module cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25151
2024-02-21	6.2	6.2	Liferay Portal/DXP Message Board Widget cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25152
2024-02-21	6.2	6.2	Liferay Portal/DXP DDMForm cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25603
2024-02-21	6.9	6.8	Liferay Portal/DXP Add Assignees to a Role Page cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2023-42496
2024-02-21	6.2	6.2	Liferay Portal/DXP cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26266
2024-02-21	6.9	6.8	Liferay Portal/DXP portlet.js cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26269
2024-02-21	6.9	6.8	Liferay Portal/DXP cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2023-42498
2024-02-21	4.3	4.1	Liferay DXP/Portal cross site request forgery	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2021-29050
2024-02-21	3.1	3.0	Liferay DXP/Portal Password Reminder Page information disclosure	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2021-29038
2024-02-20	6.2	6.2	Liferay Portal/DXP Entry Content Text cross site scripting	Nieznany	Not Defined	Official Fix	0.00043	0.03	CVE-2024-25610
2024-02-20	4.5	4.4	Liferay Portal/DXP information disclosure	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26268
2024-02-20	5.1	5.0	Liferay Portal/DXP Account Settings Page privilege escalation	Nieznany	Not Defined	Official Fix	0.00043	0.04	CVE-2024-26270
2024-02-20	5.3	5.2	Liferay Portal/DXP Response Header privilege escalation	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-26267
2024-02-20	4.6	4.5	Liferay Portal/DXP Image Uploader Module denial of service	Nieznany	Not Defined	Official Fix	0.00043	0.03	CVE-2024-26265
2024-02-20	6.0	5.9	Liferay Portal/DXP Java2WsddTask._format XML External Entity	Nieznany	Not Defined	Official Fix	0.00043	0.04	CVE-2024-25606
2024-02-20	5.2	5.1	Liferay Portal/DXP External URL HtmlUtil.escapeRedirect	Nieznany	Not Defined	Official Fix	0.00061	0.02	CVE-2024-25608
2024-02-20	5.6	5.5	Liferay Portal/DXP weak encryption	Nieznany	Not Defined	Official Fix	0.00043	0.06	CVE-2024-25607
2024-02-20	5.2	5.1	Liferay Portal/DXP External URL HtmlUtil.escapeRedirect	Nieznany	Not Defined	Official Fix	0.00061	0.02	CVE-2024-25609
2024-02-20	5.4	5.3	Liferay Portal/DXP User/Organizations Section privilege escalation	Nieznany	Not Defined	Official Fix	0.00043	0.02	CVE-2024-25604
2024-02-20	5.3	5.2	Liferay Portal/DXP Journal Module privilege escalation	Nieznany	Not Defined	Official Fix	0.00043	0.04	CVE-2024-25605

143 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 143 results.

◂ PoprzedniPrzeglądKolejny ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!