Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Liferay — Vulnerabilities & Security Advisories 210

Browse all 210 CVE security advisories affecting Liferay. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Liferay is an enterprise open-source platform primarily utilized for building digital experiences, including websites, portals, and intranets. Its extensive feature set and Java-based architecture have historically attracted significant security scrutiny, resulting in over 210 recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure deserialization flaws or improper access controls within its portal components. Notable incidents include critical RCE vulnerabilities that allowed unauthenticated attackers to execute arbitrary commands on affected servers, highlighting risks associated with default configurations and legacy code paths. While the platform offers robust enterprise-grade features, its complexity necessitates rigorous patch management and secure configuration practices to mitigate the high volume of identified security defects.

Top products by Liferay: Portal DXP
CVE IDTitleCVSSSeverityPublished
CVE-2025-62275 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-863 4.3 -2025-11-01
CVE-2025-62276 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-525 4.7 -2025-10-31
CVE-2025-62267 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1 -2025-10-31
CVE-2025-62264 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1 -2025-10-31
CVE-2025-62265 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-10-30
CVE-2025-62266 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-601 6.1AIMediumAI2025-10-30
CVE-2025-62257 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-307 7.5AIHighAI2025-10-29
CVE-2025-62258 Liferay Portal和Liferay DXP 跨站请求伪造漏洞 — PortalCWE-352 8.8AIHighAI2025-10-27
CVE-2025-62259 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-863 8.2AIHighAI2025-10-27
CVE-2025-62260 Liferay Portal和Liferay DXP 资源管理错误漏洞 — PortalCWE-400 7.5AIHighAI2025-10-27
CVE-2025-62261 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-312 7.2AIHighAI2025-10-27
CVE-2025-62262 Liferay Portal和Liferay DXP 日志信息泄露漏洞 — PortalCWE-532 3.3AILowAI2025-10-27
CVE-2025-62263 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-10-27
CVE-2025-62253 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-601 6.1AIMediumAI2025-10-27
CVE-2025-62254 Liferay Portal和Liferay DXP 路径遍历漏洞 — PortalCWE-22 7.5AIHighAI2025-10-23
CVE-2025-62255 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1AIMediumAI2025-10-23
CVE-2025-62256 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-862 4.3AIMediumAI2025-10-23
CVE-2025-62247 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-862 6.5AIMediumAI2025-10-22
CVE-2025-62248 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-79 6.1AIMediumAI2025-10-22
CVE-2025-62249 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1AIMediumAI2025-10-21
CVE-2025-62250 Liferay Portal和Liferay DXP 访问控制错误漏洞 — PortalCWE-346 9.8AICriticalAI2025-10-21
CVE-2025-62251 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-732 6.5AIMediumAI2025-10-13
CVE-2025-62252 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-639 6.5AIMediumAI2025-10-13
CVE-2025-62246 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-10-13
CVE-2025-62241 Liferay DXP 安全漏洞 — DXPCWE-639 4.3AIMediumAI2025-10-13
CVE-2025-62242 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-639 4.3AIMediumAI2025-10-13
CVE-2025-62243 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-863 4.3AIMediumAI2025-10-13
CVE-2025-62244 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-639 6.5AIMediumAI2025-10-13
CVE-2025-62245 Liferay Portal和Liferay DXP 跨站请求伪造漏洞 — PortalCWE-352 4.3AIMediumAI2025-10-10
CVE-2025-62237 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-10-10

This page lists every published CVE security advisory associated with Liferay. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.