Liferay Liferay Enterprise Portal — known CVE vulnerabilities
Every CVE whose affected-product data names Liferay Liferay Enterprise Portal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2009-1294 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 (1.0.3)…
CVE-2007-6173 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary…
CVE-2008-0178 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Enterprise Admin Session Monitoring component in Liferay Portal 4.3.6 allows remote…
CVE-2004-2030 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to…
CVE-2008-0180 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in themes/_unstyled/templates/init.vm in Liferay Portal 4.3.6 allows remote authenticated users to…
CVE-2008-0181 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary…
CVE-2008-0182 — CVSS 4.3 (medium): Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to…
CVE-2008-0563 — CVSS 4.3 (medium): Cross-site request forgery (CSRF) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers…
CVE-2008-0179 — CVSS 2.6 (low): Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers to…