- Blogs in Liferay Portal and Liferay DXP does not check permissions on images in a blog entry, which allows remote attackers to view the images in a blog entry via a crafted URL. Liferay Portal 7.4.0...
- Liferay Portal 7.4.3.112 Liferay DXP 2024.Q1.1 The Document Library and the Adaptive Media modules in Liferay Portal and Liferay DXP use an incorrect cache-control header, which allows local...
- Multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure page in Liferay Portal and Liferay DXP allow remote attackers to inject arbitrary web script or HTML...
- Liferay Portal 7.4.3.8 through 7.4.3.111 Liferay DXP 2023.Q4.0 through 2023.Q4.10 Liferay DXP 2023.Q3.1 through 2023.Q3.10 Liferay DXP 7.4 U4 through U92 Liferay Portal 7.4.3.112 Liferay DXP...
- By default, Liferay Portal and Liferay DXP are vulnerable to DNS rebinding attacks, which allows remote attackers to redirect users to arbitrary external URLs. This vulnerability can be mitigated by...
- Password enumeration vulnerability in Liferay Portal and Liferay DXP allows remote attackers to determine a user’s password even if account lockout is enabled via brute force attack. Liferay Portal...
- The ComboServlet in Liferay Portal and Liferay DXP does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial...
- Liferay Portal and Liferay DXP do not properly restrict access to OpenAPI in certain circumstances, which allows remote attackers to access the OpenAPI YAML file via a crafted URL. Liferay Portal...
- A reflected cross-site scripting (XSS) vulnerability in Liferay Portal and Liferay DXP allows a remote non-authenticated attacker to inject JavaScript into the google_gadget. Liferay Portal...
- Liferay Portal fixed on master branch Liferay DXP 2024.Q1.1 Liferay DXP 2023.Q4.1 Liferay DXP 2023.Q3.5 Liferay DXP 7.3 update 36 Improper Authentication in Liferay Portal and Liferay DXP allows...
- Liferay Portal and Liferay DXP show content to users who do not have permission to view it via the Menu Display Widget. This security flaw could result in sensitive information being exposed to...
- A vulnerability in Liferay Portal and Liferay DXP allows sensitive user data to be included in the Freemarker template. This weakness permits an unauthorized actor to gain access to, and...
- Liferay Portal 7.4.3.120 Liferay DXP 2024.Q1.6 Liferay DXP 2024.Q2.0 Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions Liferay DXP 2023.Q3.1 through 2023.Q3.10 Liferay DXP...
- In Liferay Portal and Liferay DXP the audit events record a user’s password reminder answer, which allows remote authenticated users to obtain a user’s password reminder answer via the audit...
- Batch Engine in Liferay Portal and Liferay DXP does not properly check permissions on import and export tasks, which allows remote authenticated users to access the exported data via the REST...
- Cross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal and Liferay DXP allows remote attackers to register a server license via the 'orderUuid'...
- Cross-site scripting (XSS) vulnerability in Search widget in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web script or HTML via the...
- Liferay Portal 7.3.0 through 7.4.3.111 Liferay DXP 2023.Q3.0 through 2023.Q3.4 Liferay DXP 7.4 GA through U92 Liferay DXP 7.3 GA through U35 Liferay Portal 7.4.3.112 Liferay DXP 2024.Q1.1 Liferay...
- Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions Liferay DXP 2023.Q3.0 through 2023.Q3.4 Liferay DXP 7.4 GA through U92 Liferay DXP 7.3 GA through U35, and older unsupported...
- In Liferay Portal and Liferay DXP, the default membership type of a newly created site is “Open”, which allows any registered user to become a member of the site. A remote attacker with site...
- Liferay DXP allows a time-based one-time password (TOTP) to be used multiple times during the validity period, which allows attackers with access to a user’s TOTP to authenticate as the user....
- Cross-site scripting (XSS) vulnerability in Objects in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an object...
- Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal and Liferay DXP allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a "Rich Text"...
- Liferay Portal 7.4.3.106 Liferay DXP 2024.Q1.1 Liferay DXP 2023.Q4.1 Liferay DXP 2023.Q3.5 Liferay DXP 7.3 U36 Remote staging in Liferay DXP does not properly obtain the remote address of the live...
- Liferay Portal and Liferay DXP may incorrectly identify the subdomain of a domain name and create a supercookie, which allows remote attackers who control a website that shares the same TLD to read...
- Stored cross-site scripting (XSS) vulnerability in Liferay Portal and Liferay DXP allows remote authenticated attackers with the instance administrator role to inject arbitrary web script or HTML...
- Liferay Portal and Liferay DXP do not limit the number of objects returned from GraphQL queries, which allows remote attackers to perform denial-of-service (DoS) attacks on the application by...
- Reflected cross-site scripting (XSS) vulnerability in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web script or HTML via the URL in the search bar portlet. Liferay Portal...
- Open Redirect vulnerability in the /c/portal/edit_info_item parameter redirect in Liferay Portal and Liferay DXP allows an attacker to exploit this security vulnerability to redirect users to a...
- Liferay Portal 7.4.0 through 7.4.3.131 Liferay DXP 2024.Q4.0 Liferay DXP 2024.Q3.1 through 2024.Q3.13 Liferay DXP 2024.Q2.0 through 2024.Q2.13 Liferay DXP 2024.Q1.1 through 2024.Q1.12 Liferay DXP...
- Liferay Portal fixed on master branch Liferay DXP 2024.Q1.15 Liferay DXP 2025.Q1.0 Liferay DXP 2025.Q2.0 User enumeration vulnerability in Liferay Portal and Liferay DXP allows remote attackers to...
- The data exposure vulnerability in Liferay Portal and Liferay DXP allows an unauthorized user to obtain entry data from forms. Liferay Portal 7.4.0 through 7.4.3.128 Liferay DXP 2024.Q2.0 through...
- Cross-site scripting (XSS) vulnerability on Liferay Portal and Liferay DXP in the Frontend JS module's layout-taglib/__liferay__/index.js allows remote attackers to inject arbitrary web script or...
- This issue was reported by milCERT AT and Lucas Machado from Devoteam Cyber Trust. A stored cross-site scripting (XSS) vulnerability exists with radio button type custom fields in Liferay Portal and...
- Liferay Portal and Liferay DXP do not limit access to APIs before a user has changed their initial password, which allows remote users to access and edit content via the API. Liferay Portal...
- Liferay Portal 7.4.3.112 Liferay DXP 2024.Q2.0 Liferay DXP 2024.Q1.1 Liferay DXP 2023.Q4.6 Liferay DXP 2023.Q3.9 Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions Liferay DXP...
- Insecure direct object reference (IDOR) vulnerability in the Contacts Center widget in Liferay Portal and Liferay DXP allows remote attackers to view contact information, including the contact’s...
- This issue was reported by foobar7. Stored cross-site scripting (XSS) vulnerability in Forms in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web script or HTML via a...
- Liferay Portal 7.4.3.112 Liferay DXP 2024.Q1.1 Liferay DXP 2023.Q4.6 Liferay Portal 7.4.3.102 through 7.4.3.111 Liferay DXP 2023.Q4.0 through 2023.Q4.5 Liferay DXP 2023.Q3.1 through 2023.Q3.4 This...
- Stored cross-site scripting (XSS) vulnerability in the notifications widget in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web script or HTML via a crafted payload...
- This issue was reported by foobar7. Insecure direct object reference (IDOR) vulnerability in Publications in Liferay Portal and Liferay DXP allows remote authenticated attackers to view the edit...
- Cross-site request forgery (CSRF) vulnerability in Liferay Portal and Liferay DXP allows remote attackers to add and edit publication comments. Liferay Portal 7.4.1 through 7.4.3.112 Liferay DXP...
- Insecure Direct Object Reference (IDOR) vulnerability with commerce order notes in Liferay Portal and Liferay DXP allows remote authenticated users from one virtual instance to add a note to an...
- Liferay DXP 2023.Q4.1 through 2023.Q4.5 Liferay Portal 7.4.3.112 Liferay DXP 2024.Q1.1 Liferay DXP 2023.Q4.6 This issue was reported by foobar7. Insecure Direct Object Reference (IDOR)...
- This issue was reported by foobar7. Insecure Direct Object Reference (IDOR) vulnerability with audit events in Liferay Portal and Liferay DXP allows remote authenticated users from one virtual...
- This issue was reported by argon21. Stored cross-site scripting (XSS) vulnerabilities in Web Content translation in Liferay Portal and Liferay DXP allow remote attackers to inject arbitrary web...
- Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal and Liferay DXP allow remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected...
- Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal and Liferay DXP allows remote authenticated users in one virtual instance to assign an organization to a user in a different...
- Liferay Portal 7.4.3.112 Liferay DXP 2024.Q1.1 Liferay DXP 2023.Q3.9 This issue was reported by foobar7. Cross-site scripting (XSS) vulnerability in the Blogs widget in Liferay Portal and Liferay...
- Cross-site scripting (XSS) vulnerability in web content template in Liferay Portal and Liferay DXP allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload...
- The Commerce component in Liferay Portal and Liferay DXP saves virtual products uploaded to Documents and Media with guest view permission, which allows remote attackers to access and download...
- Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal and Liferay DXP allows remote attackers to access arbitrary CSS and JSS files and load the files...
- Multiple reflected cross-site scripting (XSS) vulnerabilities in Liferay Portal and Liferay DXP allow remote attackers to inject arbitrary web script or HTML via the `redirect` parameter to (1)...
- In Liferay Portal and Liferay DXP (Liferay PaaS, and Liferay Self-Hosted), the Objects module does not restrict the use of Groovy scripts in Object actions for Admin Users. This allows remote...
- Insufficient CSRF protection for omni-administrator users in Liferay Portal and Liferay DXP allows attackers to execute Cross-Site Request Forgery. Liferay Portal 7.4.3.120 Liferay DXP 2024.Q2.0...
- Stored cross-site scripting (XSS) vulnerability in a custom object’s /o/c/<object-name> API endpoint in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web script or HTML...
- Liferay Portal 7.4.3.4 through 7.4.3.111 Liferay DXP 2023.Q4.0 through 2023.Q4.5 Liferay DXP 2023.Q3.1 through 2023.Q3.8 Liferay DXP 7.4 Liferay Portal 7.4.3.112 Liferay DXP 2024.Q1.1 Liferay DXP...
- Insecure direct object reference (IDOR) vulnerability in Publications in Liferay Portal and Liferay DXP allows remote authenticated attackers to view publication comments via the...
- This issue was reported by foobar7. Stored cross-site scripting (XSS) vulnerability in Commerce’s view order page in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web...
- This issue was reported by foobar7. Stored cross-site scripting (XSS) vulnerability on the Membership page in Account Settings in Liferay DXP allows remote authenticated attackers to inject...