Known Vulnerabilities for Digital Experience Platform by Liferay
Listed below are 10 of the newest known vulnerabilities associated with "Digital Experience Platform" by "Liferay".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-44311 json | Multiple reflected cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's OAuth2ProviderApplicationR... | 6.1 - MEDIUM | 2023-10-17 | 2023-10-24 |
| CVE-2023-44310 json | Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 ... | 5.4 - MEDIUM | 2023-10-17 | 2023-10-24 |
| CVE-2023-44309 json | Multiple stored cross-site scripting (XSS) vulnerabilities in the fragment components in Liferay Portal 7.4.2 through 7.4.3.5... | 5.4 - MEDIUM | 2023-10-17 | 2023-10-24 |
| CVE-2023-42629 json | Stored cross-site scripting (XSS) vulnerability in the manage vocabulary page in Liferay Portal 7.4.2 through 7.4.3.87, and L... | 5.4 - MEDIUM | 2023-10-17 | 2023-11-10 |
| CVE-2023-42628 json | Stored cross-site scripting (XSS) vulnerability in the Wiki widget in Liferay Portal 7.1.0 through 7.4.3.87, and Liferay DXP ... | 5.4 - MEDIUM | 2023-10-17 | 2023-11-10 |
| CVE-2023-42627 json | Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, a... | 5.4 - MEDIUM | 2023-10-17 | 2023-11-10 |
| CVE-2023-42497 json | Reflected cross-site scripting (XSS) vulnerability on the Export for Translation page in Liferay Portal 7.4.3.4 through 7.4.3... | 6.1 - MEDIUM | 2023-10-17 | 2023-10-23 |
| CVE-2023-33950 json | Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expres... | 7.5 - HIGH | 2023-05-24 | 2023-05-31 |
| CVE-2023-33949 json | In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to veri... | 7.5 - HIGH | 2023-05-24 | 2023-05-31 |
| CVE-2023-33948 json | The Dynamic Data Mapping module in Liferay Portal 7.4.3.67, and Liferay DXP 7.4 update 67 does not limit Document and Media f... | 7.5 - HIGH | 2023-05-24 | 2023-06-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Liferay | Digital Experience Platform | 7.2 | |||
| Application | Liferay | Digital Experience Platform | 7.2 | |||
| Application | Liferay | Digital Experience Platform | 7.2 | |||
| Application | Liferay | Digital Experience Platform | 7.2 | |||
| Application | Liferay | Digital Experience Platform | 7.2 | |||
| Application | Liferay | Digital Experience Platform | 7.2 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 | |||
| Application | Liferay | Digital Experience Platform | 7.1 |