Known Vulnerabilities for Digital Experience Platform by Liferay
Listed below are 8 of the newest known vulnerabilities associated with "Digital Experience Platform" by "Liferay".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-25146 | The Remote App module in Liferay Portal Liferay Portal v7.4.3.4 through v7.4.3.8 and Liferay DXP 7.4 before update 5 does not... | 5.3 - MEDIUM | 2022-03-03 | 2022-10-28 |
| CVE-2021-38269 | Cross-site scripting (XSS) vulnerability in the Gogo Shell module in Liferay Portal 7.1.0 through 7.3.6 and 7.4.0, and Lifera... | 5.4 - MEDIUM | 2022-03-03 | 2022-05-13 |
| CVE-2021-38268 | The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.6, and Liferay DXP 7.0 before fix pack 101, 7.1 before fi... | 6.5 - MEDIUM | 2022-03-02 | 2022-10-05 |
| CVE-2021-38267 | Cross-site scripting (XSS) vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, an... | 5.4 - MEDIUM | 2022-03-03 | 2022-06-16 |
| CVE-2021-38266 | The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 1... | 7.5 - HIGH | 2022-03-02 | 2022-05-13 |
| CVE-2021-38265 | Cross-site scripting (XSS) vulnerability in the Asset module in Liferay Portal 7.3.4 through 7.3.6 allow remote attackers to ... | 5.4 - MEDIUM | 2022-03-03 | 2022-07-30 |
| CVE-2021-38263 | Cross-site scripting (XSS) vulnerability in the Server module's script console in Liferay Portal 7.3.2 and earlier, and Lifer... | 6.1 - MEDIUM | 2022-03-03 | 2022-05-13 |
| CVE-2020-15839 | Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of ... | 6.5 - MEDIUM | 2020-09-22 | 2020-09-30 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Liferay | Digital Experience Platform | 7.2 | fix_pack_5 | All | All |
| Application | Liferay | Digital Experience Platform | 7.2 | fix_pack_4 | All | All |
| Application | Liferay | Digital Experience Platform | 7.2 | fix_pack_3 | All | All |
| Application | Liferay | Digital Experience Platform | 7.2 | fix_pack_2 | All | All |
| Application | Liferay | Digital Experience Platform | 7.2 | fix_pack_1 | All | All |
| Application | Liferay | Digital Experience Platform | 7.2 | - | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_4 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | sp1 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_9 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_8 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_7 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_6 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_5 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | - | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_3 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_2 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_17 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_16 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_15 | All | All |
| Application | Liferay | Digital Experience Platform | 7.1 | fix_pack_14 | All | All |