FLAT-YCXLI (CVE-2025-62264)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-D1FSE (CVE-2025-62265)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-XO3OR (CVE-2025-62266)
Uncontrolled external site redirect In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-29D1J (CVE-2025-62257)
Lack of protection against brute force attacks In com.liferay.portal:release.portal.bom
1.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-UPZDR (CVE-2025-62258)
Cross-site request forgery In com.liferay.portal:release.portal.bom
4.7
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-MC5S4 (CVE-2025-62259)
Authentication mechanism absence or evasion In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-JW2HM (CVE-2025-62260)
Asymmetric denial of service In com.liferay.portal:release.portal.bom
4.9
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-4XRJY (CVE-2025-43830)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-PGVLC (CVE-2025-43822)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-RTBKX (CVE-2025-43823)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-ZZ5NH (CVE-2025-43824)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-GV698 (CVE-2025-43826)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-5UQHU (CVE-2025-43817)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-PEW90 (CVE-2025-43813)
Lack of data validation - Path Traversal In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-K1IJZ (CVE-2025-43799)
Enabled default credentials In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-ZLS43 (CVE-2025-43760)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-RKC4A (CVE-2025-43752)
Inadequate file size control In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-0RSSD (CVE-2025-43754)
Lack of data validation - Path Traversal In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-0RISQ (CVE-2025-43756)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-AMATP (CVE-2025-43757)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-7H8XK (CVE-2025-43748)
Cross-site request forgery In com.liferay.portal:release.portal.bom
4.0
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-3SQTA (CVE-2025-43749)
Unauthorized access to files In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-MSLSZ (CVE-2025-43741)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-OW30L (CVE-2025-43743)
User enumeration In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-M0JT7 (CVE-2025-43744)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-05TRR (CVE-2025-43745)
Cross-site request forgery In com.liferay.portal:release.portal.bom
4.6
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-Z1RG4 (CVE-2025-43740)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.0
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-FAAMG (CVE-2025-43731)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-OYOTM (CVE-2025-3639)
Security controls bypass or absence In com.liferay.portal:release.portal.bom
0.4
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-JEWTZ (CVE-2025-43734)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-B94LN (CVE-2025-4655)
Server-side request forgery (SSRF) In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-SX5PL (CVE-2025-2565)
Business information leak In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-O4KAO (CVE-2025-2536)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-9ZIPS (CVE-2023-37940)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-A7MGN (CVE-2024-11993)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.0
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-DQ43F (CVE-2024-26272)
Cross-site request forgery In com.liferay.portal:release.portal.bom
6.3
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-Q2L1E (CVE-2024-38002)
Authentication mechanism absence or evasion In com.liferay.portal:release.portal.bom
7.7
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-WAN97 (CVE-2024-26273)
Cross-site request forgery In com.liferay.portal:release.portal.bom
6.3
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-612YG (CVE-2024-26271)
Cross-site request forgery In com.liferay.portal:release.portal.bom
5.2
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-C85KU (CVE-2023-47795)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
7.6
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-NFJLA (CVE-2024-26266)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
6.1
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-PWH9C (CVE-2024-25601)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
7.6
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-8HNK3 (CVE-2024-25152)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
7.6
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-5DY5H (CVE-2024-25147)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
7.6
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-UKM68 (CVE-2023-40191)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
7.6
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-RYQ6K (CVE-2024-26268)
User enumeration In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-F82DA (CVE-2024-26265)
Asymmetric denial of service In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-8XHTR (CVE-2024-26267)
Insecure functionality In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-1OWJS (CVE-2024-25607)
Insecure encryption algorithm In com.liferay.portal:release.portal.bom
6.2
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-YF6VX (CVE-2024-25609)
Uncontrolled external site redirect In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-6DULA (CVE-2024-25149)
Authentication mechanism absence or evasion In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-PBVOS (CVE-2022-45320)
Excessive privileges In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-OQHH8 (CVE-2024-25148)
Business information leak In com.liferay.portal:release.portal.bom
6.2
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-P76YD (CVE-2023-47798)
Concurrent sessions In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-XIJUR (CVE-2024-25143)
Asymmetric denial of service In com.liferay.portal:release.portal.bom
4.9
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-DDY1U (CVE-2024-25145)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
7.7
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-S7T7S (CVE-2023-47797)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
5.2
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-G9CO4 (CVE-2023-35030)
Cross-site request forgery In com.liferay.portal:release.portal.bom
6.3
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-RBBUL (CVE-2023-33944)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-8WNBH (CVE-2023-33945)
SQL injection - Code In com.liferay.portal:release.portal.bom
7.2
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-AACWV (CVE-2023-33950)
Asymmetric denial of service - ReDoS In com.liferay.portal:release.portal.bom
4.9
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-WZNDJ (CVE-2023-33948)
Improper authorization control for web services In com.liferay.portal:release.portal.bom
6.6
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-5JKZO (CVE-2023-33946)
Improper authorization control for web services In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-3Z6KK (CVE-2023-33949)
Insecure functionality In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-5M4Y0 (CVE-2023-33947)
Improper authorization control for web services In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-DWGAT (CVE-2023-33941)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-GOKWS (CVE-2023-33937)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-9YKML (CVE-2023-33942)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-BGJJ5 (CVE-2023-33939)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-53C6W (CVE-2023-33938)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-F1TA9 (CVE-2023-33943)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-06PDK (CVE-2023-33940)
Reflected cross-site scripting (XSS) In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-TOXMG (CVE-2022-42124)
Asymmetric denial of service - ReDoS In com.liferay.portal:release.portal.bom
6.6
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-II6P0 (CVE-2022-42129)
Improper authorization control for web services In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-KDP4K (CVE-2022-42131)
Insecure digital certificates In com.liferay.portal:release.portal.bom
1.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-LDZXD (CVE-2022-42127)
Excessive privileges In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-C76JZ (CVE-2022-42126)
Excessive privileges In com.liferay.portal:release.portal.bom
5.0
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-ATRBP (CVE-2022-42125)
Lack of data validation - Path Traversal In com.liferay.portal:release.portal.bom
6.6
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-9QNBI (CVE-2022-42123)
Lack of data validation - Path Traversal In com.liferay.portal:release.portal.bom
2.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-99CMU (CVE-2022-42128)
Excessive privileges In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-5UOKI (CVE-2022-42132)
Business information leak In com.liferay.portal:release.portal.bom
4.6
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-4UMSW (CVE-2022-42130)
Excessive privileges In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-MOTHR (CVE-2022-39975)
Improper authorization control for web services In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-A2NNM (CVE-2021-33330)
Sensitive information sent insecurely In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-MXLJM (CVE-2021-33339)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.1
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-427YU (CVE-2021-33328)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.2
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-4RB26 (CVE-2021-33334)
Excessive privileges In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-R48BT (CVE-2021-33333)
Excessive privileges In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-I7AFJ (CVE-2021-33331)
Uncontrolled external site redirect In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-B6Y10 (CVE-2021-29044)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-TC5W3 (CVE-2021-29048)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-0E43W (CVE-2021-29051)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-4YIAX (CVE-2021-29052)
Excessive privileges In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-994PO (CVE-2021-29047)
Authentication mechanism absence or evasion In com.liferay.portal:release.portal.bom
6.6
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-GWNW5 (CVE-2021-29039)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-D20YH (CVE-2021-29040)
Technical information leak In com.liferay.portal:release.portal.bom
2.7
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-ZLOBN (CVE-2020-25476)
Server side cross-site scripting In com.liferay.portal:release.portal.bom
1.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-ETPPF (CVE-2020-15842)
Insecure deserialization In com.liferay.portal:release.portal.bom
7.2
High
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-MAGZP (CVE-2020-15841)
Weak credential policy In com.liferay.portal:release.portal.bom
5.2
Medium
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom
FLAT-1N7IK (CVE-2020-13444)
Business information leak In com.liferay.portal:release.portal.bom
2.3
Low
Ecosystem: Maven
Package: com.liferay.portal:release.portal.bom