CVE-2025-43787 Stored XSS via organization site names
CVE-2025-43776 The Process Builder's Configuration tab fails to properly escape stored JavaScript code
CVE-2025-43777 Internal server error message in the response body
CVE-2025-43778 Stored XSS on the name of a fieldset
CVE-2025-43773 Missing permission checks in expandoTableLocalService
CVE-2025-43747 SSRF in Analytics Cloud domain validation
CVE-2025-43744 Stored DOM-Based XSS in the Asset Publisher configuration UI
CVE-2025-43740 Stored XSS in message boards feature
CVE-2025-43737 Reflected XSS through JournalPortlet backUrl parameter
CVE-2025-43745 CSRF vulnerability in 'endpoint' parameter
CVE-2025-43746 Reflected XSS in Dynamic Data Mapping portletNamespace and Portlet_namespace parameter
CVE-2025-43757 Reflected XSS in Dynamic Data Mapping DDMPortlet_definition parameter
CVE-2025-43756 Reflected XSS in snippet parameter
CVE-2025-43755 Stored XSS via GroupPagesPortlet_type parameter
CVE-2025-62247 Blueprint Collection Providers are exposed for reading and selection by other unauthorized instances
CVE-2025-62248 Regression of the Reflected XSS in DDMPortlet_definition parameter
CVE-2025-62249 Reflected XSS in google_widget
Powered by Liferay™
Legal
Compliance
Privacy Policy
本网站使用 Cookie
我们使用 Cookie 来提供个性化内容、分析趋势、管理网站、跟踪用户在网站上的活动,以及收集有关我们整个用户群的受众信息。接受所有 Cookie 可在我们的网站上获得最佳体验或管理您的偏好设置。 访问我们的《隐私政策》
