Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Liferay — Vulnerabilities & Security Advisories 210

Browse all 210 CVE security advisories affecting Liferay. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Liferay is an enterprise open-source platform primarily utilized for building digital experiences, including websites, portals, and intranets. Its extensive feature set and Java-based architecture have historically attracted significant security scrutiny, resulting in over 210 recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure deserialization flaws or improper access controls within its portal components. Notable incidents include critical RCE vulnerabilities that allowed unauthenticated attackers to execute arbitrary commands on affected servers, highlighting risks associated with default configurations and legacy code paths. While the platform offers robust enterprise-grade features, its complexity necessitates rigorous patch management and secure configuration practices to mitigate the high volume of identified security defects.

Top products by Liferay: Portal DXP
CVE IDTitleCVSSSeverityPublished
CVE-2024-25144 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-835 4.1 Medium2024-02-08
CVE-2023-47798 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-384 5.4 Medium2024-02-08
CVE-2024-25145 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 9.6 Critical2024-02-07
CVE-2024-25143 Liferay Portal和Liferay DXP 安全漏洞 — DXPCWE-770 6.5 Medium2024-02-07
CVE-2023-47797 Liferay Portal 安全漏洞 — PortalCWE-79 9.6 Critical2023-11-17
CVE-2023-42627 Liferay Portal和Liferay DXP 跨站脚本漏洞 — DXPCWE-79 9.6 Critical2023-10-17
CVE-2023-42628 Liferay Portal和Liferay DXP 跨站脚本漏洞 — DXPCWE-79 9.0 Critical2023-10-17
CVE-2023-44311 Liferay Portal和Liferay DXP 跨站脚本漏洞 — DXPCWE-79 9.6 Critical2023-10-17
CVE-2023-44310 Liferay Portal和Liferay DXP 跨站脚本漏洞 — DXPCWE-79 9.0 Critical2023-10-17
CVE-2023-44309 Liferay Portal和Liferay DXP 跨站脚本漏洞 — DXPCWE-79 9.0 Critical2023-10-17
CVE-2023-42629 Liferay Portal 跨站脚本漏洞 — DXPCWE-79 9.0 Critical2023-10-17
CVE-2023-42497 Liferay Portal和Liferay DXP 跨站脚本漏洞 — DXPCWE-79 9.6 Critical2023-10-17
CVE-2023-3426 Liferay Portal和Liferay DXP 安全漏洞 — DXPCWE-425 4.3 Medium2023-08-02
CVE-2023-35030 Liferay Portal 跨站请求伪造漏洞 — PortalCWE-352 8.8 High2023-06-15
CVE-2023-35029 Liferay Portal 输入验证错误漏洞 — PortalCWE-601 6.1 Medium2023-06-15
CVE-2023-3193 Liferay Portal 跨站脚本漏洞 — PortalCWE-79 6.1 Medium2023-06-15
CVE-2023-33950 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-1333 6.5 Medium2023-05-24
CVE-2023-33949 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-1188 5.3 Medium2023-05-24
CVE-2023-33948 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-862 5.3 Medium2023-05-24
CVE-2023-33947 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-284 2.7 Low2023-05-24
CVE-2023-33946 Liferay Portal和Liferay DXP 安全漏洞 — PortalCWE-284 2.7 Low2023-05-24
CVE-2023-33945 Liferay Portal和Liferay DXP SQL注入漏洞 — PortalCWE-89 6.4 Medium2023-05-24
CVE-2023-33944 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 4.8 Medium2023-05-24
CVE-2023-33943 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4 Medium2023-05-24
CVE-2023-33942 Liferay Portal和Liferay DXP跨站脚本漏洞 — PortalCWE-79 5.4 Medium2023-05-24
CVE-2023-33941 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 6.1 Medium2023-05-24
CVE-2023-33940 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 4.8 Medium2023-05-24
CVE-2023-33939 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4 Medium2023-05-24
CVE-2023-33938 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 4.8 Medium2023-05-24
CVE-2023-33937 Liferay Portal和Liferay DXP 跨站脚本漏洞 — PortalCWE-79 5.4 Medium2023-05-24

This page lists every published CVE security advisory associated with Liferay. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.