Analyzed
11 months
ago.
based on code collected
11 months
ago.
Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2022-28980 | BDSA-2022-2635 | Medium | Sep 22, 2022 | Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal v7.4.3.4 and Liferay DXP v7.4 GA allows attackers to execute arbitrary web script more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2021-38266 | BDSA-2021-4191 | High | Mar 02, 2022 | The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2021-38263 | BDSA-2021-4189 | Medium | Mar 03, 2022 | Cross-site scripting (XSS) vulnerability in the Server module's script console in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2021-33333 | BDSA-2021-2372 | Medium | Aug 03, 2021 | The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19 and 7.2 before fix pack more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2021-33326 | BDSA-2021-2339 | Medium | Aug 03, 2021 | Cross-site scripting (XSS) vulnerability in the Frontend JS module in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 bef more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2021-33325 | Medium | Aug 03, 2021 | The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
|
| CVE-2021-33322 | BDSA-2021-2336 | High | Aug 03, 2021 | In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens a more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2021-33320 | BDSA-2021-2329 | Medium | Aug 03, 2021 | The Flags module in Liferay Portal 7.3.1 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 5, does n more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2021-29040 | BDSA-2021-1382 | Medium | May 16, 2021 | The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 20 and 7.2 before fix pack 10 ma more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
| CVE-2020-7961 | BDSA-2019-4326 | Critical | Mar 20, 2020 | Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSON more... |
6.0.73, 2.2.39, 2.1.28, 1.0.85, 6.0.72, 6.0.71, 6.0.70, 6.0.69, 6.0.68, 4.0.54
|
