- March 2020 source patch for Liferay Portal 7.1.3. Details for working with source patches can be found on the Patching Liferay Portal page. In Liferay 7.1.0 through 7.1.3, unauthorized users can... | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1.3, 7.2.0 and possibly earlier unsupported versions, the Sign In widget may expose the user's email address and/or password in the page's HTML source. This may allow a third... | Releases: Liferay Portal 7.2, Liferay Portal 7.1
- In Liferay Portal 7.1.3, 7.2.0 and possibly earlier unsupported versions, the search results from the Search Bar widget use links that redirect users to HTTP instead of HTTPS. Severity 2 Liferay... | Releases: Liferay Portal 7.2, Liferay Portal 7.1
- In Liferay Portal 7.1.3, 7.2.0 and possibly earlier unsupported versions, the 'com.liferay.map.openstreetmap' bundle loads the npm package, leaflet, using HTTP instead of HTTPS. Severity 2 Liferay... | Releases: Liferay Portal 7.2, Liferay Portal 7.1
- In Liferay Portal 7.2 CE GA1 and possibly earlier unsupported versions, an open redirect vulnerability exists in Account Settings. Severity 2 | Liferay Portal 7.2.1 | Releases: Liferay Portal 7.2
- Liferay Portal 7.2.1 | March 2020 source patch for Liferay Portal 7.1.3. Details for working with source patches can be found on the Patching Liferay Portal page. In Liferay Portal 7.1 CE GA4, 7.2 CE... | Releases: Liferay Portal 7.2, Liferay Portal 7.1
- Liferay Portal 7.2.0 and earlier contains a remote code execution (RCE) vulnerability via JSON web services (JSONWS). Workaround: Disable JSONWS by setting the portal.property...
- In Liferay Portal 7.1 CE GA4, 7.2 CE GA1 and possibly earlier unsupported versions, the /user/send-password-by-* JSONWS APIs can be used in a denial-of-service attack on the mail server. Severity 2... | Releases: Liferay Portal 7.2, Liferay Portal 7.1
- Liferay Portal 7.2.1 | Some vulnerabilities reported by Arun | Liferay Portal 7.2 CE GA1 includes the following libraries which have known vulnerabilities: Apache Commons BeanUtils 1.9.2, Apache Tika... | Releases: Liferay Portal 7.2
- Multiple permission issues exist in Liferay Portal 7.2 CE GA1 which allow users to perform actions on resources which they are not authorized to perform. Severity 2 | Liferay Portal 7.2.1 | Some... | Releases: Liferay Portal 7.2
- In Liferay Portal 7.2 CE GA1, multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML into a page. Severity 2 | Liferay Portal 7.2.1 | Releases: Liferay Portal 7.2
- Liferay Faces Alloy 2.0.2 (source), Liferay Faces Alloy 3.0.2 (source). To install, remove any old versions of Liferay Faces Alloy and place the fixed version of Liferay Faces Alloy in the... | Releases: Liferay Faces
- A stored cross-site scripting (XSS) vulnerability exists in alloy:autoComplete and alloy:inputFile due to improper rendering of JavaScript strings in arrays for the following versions of Liferay... | Releases: Liferay Faces
- Binary patch (source). To install, place the patch in each of your Liferay Faces WARs in the WEB-INF/lib directory. The dependency can be included via Maven, Gradle, or Ivy. In a Maven project pom.xml... | Releases: Liferay Faces
- Liferay Portal 7.1.1 | March 2020 source patch for Liferay Portal 7.0.6. Details for working with source patches can be found on the Patching Liferay Portal page. March 2020 source patch for Liferay...
- Liferay Portal 7.1.3 | When defining permissions for a role in Liferay Portal 7.1 CE GA3 and older unsupported versions, some permissions may be selected by default. This may unintentionally lead to... | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE GA3 and older unsupported versions, an open redirect vulnerability exists in the Language Selector widget. Severity 2 | Liferay Portal 7.1.3 | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE GA3 and older unsupported versions, a path traversal vulnerability exists in poller. Severity 2 | Liferay Portal 7.1.3 | Releases: Liferay Portal 7.1
- Liferay Portal 7.1 CE GA3 includes the following libraries which have known vulnerabilities: Apache Batik 1.7, Apache HttpClient 4.1, Apache PDFBox 2.0.9, Apache Tika 1.18, c3p0 0.9.5.2, Ehcache 2.8.3... | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE GA3, multiple cross-site scripting (XSS) vulnerabilities exist which allow remote attackers to inject arbitrary web script or HTML into a page. Severity 2 Liferay Portal... | Releases: Liferay Portal 7.1
- Liferay Portal 7.1 CE GA3 and older unsupported versions are vulnerable to Server-Side Request Forgery (SSRF) via the DDM REST Data Provider, which allows an attacker... | Releases: Liferay Portal 7.1
- Liferay Portal 7.1.3 | In Liferay Portal 7.1 CE GA3 and older unsupported versions, Message Boards posts that are marked as "Anonymous" can be associated with the user who posted them. This issue exists... | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE GA3 and older unsupported versions, a company's secret key is accessible via templates. Severity 2 | Liferay Portal 7.1.3 | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE GA3 and older unsupported versions, user password hashes and password reminder answers may appear in the logs if a database error occurs. Severity 2 | Liferay Portal 7.1.3 | Releases: Liferay Portal 7.1
- Multiple permission issues exist in Liferay Portal 7.1 CE GA3 which allow users to perform actions on resources which they are not authorized to perform. Severity 2 | Liferay Portal 7.1.3 | Releases: Liferay Portal 7.1
- Liferay Portal 7.1.2 | Message Boards posts that are marked as "Anonymous" can be associated with the user who posted them. Severity 2 | Releases: Liferay Portal 7.1
- An open redirect vulnerability exists in Liferay Portal 7.1 CE with the <liferay-ui:header> tag. Severity 2 | Liferay Portal 7.1.2 | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE, an unexpected error may produce an overly verbose error message that is visible to end users. Severity 2 | Liferay Portal 7.1.2 | Releases: Liferay Portal 7.1
- User login in Liferay Portal 7.1 CE is vulnerable to Cross-Site Request Forgery (CSRF) attacks. Severity 2 | Liferay Portal 7.1.2 | Releases: Liferay Portal 7.1
- A bug in Liferay Portal 7.1 CE allows any authenticated user to change the password of another user, including an administrator. Once a user has access to an administrator account, a full system... | Releases: Liferay Portal 7.1
- Liferay Portal 7.1.2 | Multiple permission issues exist in Liferay Portal 7.1 CE GA2 which allow users to perform actions on resources which they are not authorized to perform. Severity 2 | Releases: Liferay Portal 7.1
- A stored cross-site scripting (XSS) vulnerability exists with the image resolution information in Adaptive Media in Liferay CE 7.1 GA2. Severity 2 | Liferay Portal 7.1.2 | Releases: Liferay Portal 7.1
- Liferay Portal 7.1.0 and earlier is vulnerable to remote code execution (RCE) via deserialization of JSON data. Severity 1 | Liferay Portal 7.1.1 | March 2020 source patch for Liferay Portal 7.0.6....
- Liferay Portal 7.1.0 and earlier contains a path traversal vulnerability in Web Content templates and Application Display Templates (ADT). The vulnerability allows any user with permission to...
- The password reset token may be leaked to a third-party website in Liferay Portal 7.1 CE. Out of the box, the password reset token is not leaked to any third-party website. However, if the site is... | Releases: Liferay Portal 7.1
- The default configuration for Liferay Portal 7.0.0 through 7.1.0 allows attackers to conduct XML External Entity (XXE) attacks via XSL templates in XSL Content and Web Content. Workaround: 1.... | Releases: Liferay Portal 7.1, Liferay Portal 7.0
- Liferay Portal 7.1.1 | In Liferay Portal 7.1 CE GA1, users are normally required to enter their current password if they want to change their password. However, the requirement to enter the current... | Releases: Liferay Portal 7.1
- Notification emails sent to users in Liferay Portal 7.1 CE GA1 are vulnerable to HTML injection. An attacker can exploit this vulnerability for phishing attacks. Severity 2 | Liferay Portal 7.1.1 | Releases: Liferay Portal 7.1
- Liferay Portal 7.1.0 and earlier is vulnerable to Server-Side Request Forgery (SSRF) via Web Content templates and Application Display Templates (ADT), which may allow an attacker access to...
- Liferay Portal 7.1.1 | An LDAP injection vulnerability exists in Liferay 7.1 CE GA1 with user group names. Severity 2 | Releases: Liferay Portal 7.1
- Multiple permission issues exist in Liferay Portal 7.1 CE GA1 which allow users to perform actions on resources which they are not authorized to perform. Severity 2 | Liferay Portal 7.1.1 | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE GA1, multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML into a page. Severity 2 | Liferay Portal 7.1.1 | Some... | Releases: Liferay Portal 7.1
- This issue was reported by Tiago Sintra | An open redirect vulnerability exists with Blogs RSS and tunnel-web in Liferay Portal 7.1 CE GA1. Severity 2 | Liferay Portal 7.1.1 | Releases: Liferay Portal 7.1
- In Liferay Portal 7.1 CE GA1, other sessions are not terminated when a user changes their password. Severity 2 | Liferay Portal 7.1.1 | This issue was reported by Osama Mahmood | Releases: Liferay Portal 7.1
- In Liferay Portal 7.0 CE GA7, a theoretical OS command injection vulnerability exists in SendmailHook. Severity 2 | Liferay Portal 7.1.0 | 7.0.6-ce-ga7-security-1.0 patch (source) | By default, the... | Releases: Liferay Portal 7.0
- This issue was reported by Juho Myllys | The CSV files that are exported by Liferay Portal 7.0 CE GA7 (user export, DDL export and Form export) are susceptible to CSV injection if the CSV file is... | Releases: Liferay Portal 7.0
- In Liferay Portal 7.0 CE GA7, a cross-site request forgery (CSRF) vulnerability exists with comments. An attacker can potentially exploit this security vulnerability to add comments on behalf of a... | Releases: Liferay Portal 7.0
- Liferay Portal 7.1.0 | 7.0.6-ce-ga7-security-1.0 patch (source) | In Liferay Portal 7.0 CE GA7, the password for a Form's REST data provider is not obfuscated, leading to password... | Releases: Liferay Portal 7.0
- In Liferay Portal 7.0 CE GA7, a flaw in the code used to prevent open redirects allows some crafted URLs to circumvent the open redirect prevention logic. Severity 2 | Liferay Portal 7.1.0... | Releases: Liferay Portal 7.0
- In Liferay Portal 7.0 CE GA7, blog titles are visible to users without the appropriate view permission. Only the title is leaked; the user cannot view the content of the blog entry. Severity 2... | Releases: Liferay Portal 7.0
- Liferay Portal 7.1.0 | 7.0.6-ce-ga7-security-1.0 patch (source) | Some vulnerabilities reported by Gergő Czuczor | In Liferay Portal 7.0 CE GA7, multiple cross-site scripting (XSS) vulnerabilities allow... | Releases: Liferay Portal 7.0
- Multiple cross-site request forgery (CSRF) vulnerabilities allow remote attackers to execute unwanted actions in the portal. Workaround: Remove the following lines from the... | Releases: Liferay Portal 7.0
- In Liferay Portal 7.0.5 and earlier, the Web Proxy portlet/application allows remote attackers to execute arbitrary code via a supplied stylesheet. Patched versions of the portal will prevent users... | Releases: Liferay Portal 7.0, Liferay Portal 6.2 CE
- The portal may be vulnerable to BREACH attacks if the portal is using HTTPS and compression (GZip) is enabled. Workaround: Disable compression by setting... | Releases: Liferay Portal 7.0, Liferay Portal 6.2 CE
- The "doAsUserId" parameter used by Administrators for impersonating another user can be leaked to third-party sites. Severity 2 | Liferay Portal 7.0.6 | Releases: Liferay Portal 7.0, Liferay Portal 6.2 CE
- Liferay Portal 7.0.6 | The asset tag API leaks information about the user who created the asset tag. Severity 2 | Releases: Liferay Portal 7.0, Liferay Portal 6.2 CE
- Multiple permission issues allow users to perform actions on resources which they are not authorized to perform. Severity 2 | Liferay Portal 7.0.6 | Releases: Liferay Portal 7.0
- A reflected cross-site scripting (XSS) vulnerability exists on the JSONWS API page. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.... | Releases: Liferay Portal 7.0, Liferay Portal 6.2 CE
- Liferay Portal 7.0.5 | Apache Commons Email is vulnerable to SMTP header injection (CVE-2017-9801). Liferay Portal is not vulnerable; however, custom modules/apps using the Commons Email JAR bundled... | Releases: Liferay Portal 7.0
- Content spoofing is possible via URL manipulation in applications that support tags. An attacker can potentially exploit this security vulnerability to spoof content and mislead users. Severity 2... | Releases: Liferay Portal 7.0, Liferay Portal 6.2 CE