Known Vulnerabilities for Liferay Portal by Liferay
Listed below are 10 of the newest known vulnerabilities associated with "Liferay Portal" by "Liferay".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-44311 json | Multiple reflected cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's OAuth2ProviderApplicationR... | 6.1 - MEDIUM | 2023-10-17 | 2023-10-24 |
| CVE-2023-44310 json | Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 ... | 5.4 - MEDIUM | 2023-10-17 | 2023-10-24 |
| CVE-2023-44309 json | Multiple stored cross-site scripting (XSS) vulnerabilities in the fragment components in Liferay Portal 7.4.2 through 7.4.3.5... | 5.4 - MEDIUM | 2023-10-17 | 2023-10-24 |
| CVE-2023-42629 json | Stored cross-site scripting (XSS) vulnerability in the manage vocabulary page in Liferay Portal 7.4.2 through 7.4.3.87, and L... | 5.4 - MEDIUM | 2023-10-17 | 2023-11-10 |
| CVE-2023-42628 json | Stored cross-site scripting (XSS) vulnerability in the Wiki widget in Liferay Portal 7.1.0 through 7.4.3.87, and Liferay DXP ... | 5.4 - MEDIUM | 2023-10-17 | 2023-11-10 |
| CVE-2023-42627 json | Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, a... | 5.4 - MEDIUM | 2023-10-17 | 2023-11-10 |
| CVE-2023-42497 json | Reflected cross-site scripting (XSS) vulnerability on the Export for Translation page in Liferay Portal 7.4.3.4 through 7.4.3... | 6.1 - MEDIUM | 2023-10-17 | 2023-10-23 |
| CVE-2023-35030 json | Cross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7... | 8.8 - HIGH | 2023-06-15 | 2023-06-22 |
| CVE-2023-35029 json | Open redirect vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay... | 6.1 - MEDIUM | 2023-06-15 | 2023-06-22 |
| CVE-2023-33950 json | Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expres... | 7.5 - HIGH | 2023-05-24 | 2023-05-31 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Liferay | Liferay Portal | 7.3.3 | |||
| Application | Liferay | Liferay Portal | 7.3.2 | |||
| Application | Liferay | Liferay Portal | 7.3.1 | |||
| Application | Liferay | Liferay Portal | 7.3.0 | |||
| Application | Liferay | Liferay Portal | 7.3 | |||
| Application | Liferay | Liferay Portal | 7.3 | |||
| Application | Liferay | Liferay Portal | 7.2.1 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 | |||
| Application | Liferay | Liferay Portal | 7.2.0 |