Liferay Faces Alloy DoS via large file upload in Servlet 3.0+ environment (non-Portlet vulnerability)
DoS via large file upload
FACES-2361 Security vulnerability with accessing a non-Faces view in JSF portlets
Security advisories for Liferay's enterprise offerings (e.g., Liferay DXP) are only listed here since 2023. Historial advisories are availabe in the Help Center.