Salta al contingut principal
  • Blogs
  • Feedback
  • Help
  • Meet
  • Known Vulnerabilities
  • Discuss
  • Download
  • Learn
  • Log In

Known Vulnerabilities

  • Security Overview
  • Reporting Security Issues
  • Known Vulnerabilities
  • Hall of Fame

Releases

  • Liferay Portal 7.4 U132
  • Liferay Portal 7.4
  • Liferay Portal 7.3
  • Liferay Portal 7.2
  • Liferay Portal 7.1
  • Liferay Portal 7.0
  • Liferay Portal 6.2 CE
  • Liferay Faces
  • Liferay DXP 7.4
  • Liferay DXP 7.3
  • Liferay DXP 7.2
  • LIferay DXP 7.1
  • LIferay DXP 7.0
  • Liferay DXP 2026.Q4
  • Liferay DXP 2026.Q3
  • Liferay DXP 2026.Q2
  • Liferay DXP 2026.Q1
  • Liferay DXP 2025.Q4
  • Liferay DXP 2025.Q3
  • Liferay DXP 2025.Q2
  • Liferay DXP 2025.Q1
  • Liferay DXP 2024.Q4
  • Liferay DXP 2024 Q3
  • Liferay DXP 2024 Q2
  • Liferay DXP 2024 Q1
  • Liferay DXP 2023.Q4
  • Liferay DXP 2023.Q3
RSS

  • CVE-2025-43787 Stored XSS via organization site names

  • CVE-2025-43776 The Process Builder's Configuration tab fails to properly escape stored JavaScript code

  • CVE-2025-43777 Internal server error message in the response body

  • CVE-2025-43778 Stored XSS on the name of a fieldset

  • CVE-2025-43773 Missing permission checks in expandoTableLocalService

  • CVE-2025-43747 SSRF in Analytics Cloud domain validation

  • CVE-2025-43744 Stored DOM-Based XSS in the Asset Publisher configuration UI

  • CVE-2025-43740 Stored XSS in message boards feature

  • CVE-2025-43737 Reflected XSS through JournalPortlet backUrl parameter

  • CVE-2025-43745 CSRF vulnerability in 'endpoint' parameter

  • CVE-2025-43746 Reflected XSS in Dynamic Data Mapping portletNamespace and Portlet_namespace parameter

  • CVE-2025-43757 Reflected XSS in Dynamic Data Mapping DDMPortlet_definition parameter

  • CVE-2025-43756 Reflected XSS in snippet parameter

  • CVE-2025-43755 Stored XSS via GroupPagesPortlet_type parameter

  • CVE-2025-62247 Blueprint Collection Providers are exposed for reading and selection by other unauthorized instances

  • CVE-2025-62248 Regression of the Reflected XSS in DDMPortlet_definition parameter

  • CVE-2025-62249 Reflected XSS in google_widget

Community
Company
Feedback
Blogs
Discuss
Meet
Open Source
Download
Events
Learn
Careers
Contact Us
Feedback
Help
Copyright © 2026 Liferay, Inc

Powered by Liferay™

Legal

Compliance

Privacy Policy

Aquest lloc web utilitza galetes

Utilitzem galetes per oferir contingut personalitzat, analitzar tendències, administrar el lloc web, fer un seguiment dels moviments dels usuaris al lloc web i recollir informació demogràfica sobre la nostra base d'usuaris en conjunt. Accepteu totes les galetes per gaudir de la millor experiència possible al nostre lloc web o gestioneu les vostres preferències. Consulteu la nostra política de privadesa