Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Liferay — Vulnerabilities & Security Advisories 210

Browse all 210 CVE security advisories affecting Liferay. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Liferay is an enterprise open-source platform primarily utilized for building digital experiences, including websites, portals, and intranets. Its extensive feature set and Java-based architecture have historically attracted significant security scrutiny, resulting in over 210 recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure deserialization flaws or improper access controls within its portal components. Notable incidents include critical RCE vulnerabilities that allowed unauthenticated attackers to execute arbitrary commands on affected servers, highlighting risks associated with default configurations and legacy code paths. While the platform offers robust enterprise-grade features, its complexity necessitates rigorous patch management and secure configuration practices to mitigate the high volume of identified security defects.

Top products by Liferay: Portal DXP
CVE IDTitleCVSSSeverityPublished
CVE-2025-43804 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1AIMediumAI2025-09-16
CVE-2025-43805 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-862 5.3AIMediumAI2025-09-16
CVE-2025-43801 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-606 7.5AIHighAI2025-09-16
CVE-2025-43802 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-09-15
CVE-2025-43797 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-1188 7.1AIHighAI2025-09-15
CVE-2025-43798 Liferay DXP 安全漏洞 — DXPCWE-304 8.8AIHighAI2025-09-15
CVE-2025-43799 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-1393 8.2AIHighAI2025-09-15
CVE-2025-43800 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1AIMediumAI2025-09-15
CVE-2025-43791 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-09-15
CVE-2025-43792 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-15 8.1AIHighAI2025-09-15
CVE-2025-43793 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-1284 5.3AIMediumAI2025-09-15
CVE-2025-43794 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 4.8AIMediumAI2025-09-15
CVE-2025-43795 Liferay Portal和Liferay DXP 输入验证错误漏洞 — PortalCWE-601 6.1 -2025-09-12
CVE-2025-43796 Liferay Portal和Liferay DXP 资源管理错误漏洞 — PortalCWE-400 7.5 -2025-09-12
CVE-2025-43787 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4 -2025-09-12
CVE-2025-43788 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-862 4.3 -2025-09-12
CVE-2025-43789 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-863 9.8 -2025-09-12
CVE-2025-43790 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-639 8.8AIHighAI2025-09-11
CVE-2025-43782 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-639 4.3AIMediumAI2025-09-11
CVE-2025-43783 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1AIMediumAI2025-09-10
CVE-2025-43784 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-863 4.3AIMediumAI2025-09-10
CVE-2025-43785 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-09-10
CVE-2025-43786 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.3AIMediumAI2025-09-09
CVE-2025-43781 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1AIMediumAI2025-09-09
CVE-2025-43775 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1AIMediumAI2025-09-09
CVE-2025-43776 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-209 5.4AIMediumAI2025-09-09
CVE-2025-43777 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-209 7.5AIHighAI2025-09-09
CVE-2025-43778 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4AIMediumAI2025-09-09
CVE-2025-43763 Liferay Portal和Liferay DXP 代码问题漏洞 — PortalCWE-918 9.1AICriticalAI2025-09-08
CVE-2025-43772 Liferay Portal和Liferay DXP 资源管理错误漏洞 — PortalCWE-400 9.1AICriticalAI2025-09-04

This page lists every published CVE security advisory associated with Liferay. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.