Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273) CVE-2024-26273 CWE-352 CWE-352 High Liferay DXP CVE-2021-29041 Vulnerability (CVE-2021-29041) CVE-2021-29041 Medium Liferay DXP CVE-2021-33330 Vulnerability (CVE-2021-33330) CVE-2021-33330 Medium Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266) CVE-2021-38266 High Liferay DXP CVE-2022-42126 Vulnerability (CVE-2022-42126) CVE-2022-42126 Medium Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148) CVE-2024-25148 High Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842) CVE-2020-15842 CWE-502 CWE-502 High Liferay DXP Excessive Iteration Vulnerability (CVE-2024-25144) CVE-2024-25144 CWE-834 CWE-834 Medium Liferay DXP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-42132) CVE-2022-42132 CWE-200 CWE-200 Medium Liferay DXP Improper Certificate Validation Vulnerability (CVE-2022-42131) CVE-2022-42131 CWE-295 CWE-295 Medium Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123) CVE-2022-42123 CWE-22 CWE-22 High Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29049) CVE-2021-29049 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38263) CVE-2021-38263 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38265) CVE-2021-38265 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38267) CVE-2021-38267 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269) CVE-2021-38269 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593) CVE-2022-26593 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596) CVE-2022-26596 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597) CVE-2022-26597 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28978) CVE-2022-28978 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28979) CVE-2022-28979 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28982) CVE-2022-28982 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901) CVE-2022-38901 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38902) CVE-2022-38902 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42110) CVE-2022-42110 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42111) CVE-2022-42111 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42112) CVE-2022-42112 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42114) CVE-2022-42114 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42116) CVE-2022-42116 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42117) CVE-2022-42117 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42118) CVE-2022-42118 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42119) CVE-2022-42119 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33937) CVE-2023-33937 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33938) CVE-2023-33938 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33939) CVE-2023-33939 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33940) CVE-2023-33940 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33944) CVE-2023-33944 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42497) CVE-2023-42497 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42627) CVE-2023-42627 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42628) CVE-2023-42628 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629) CVE-2023-42629 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44309) CVE-2023-44309 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310) CVE-2023-44310 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145) CVE-2024-25145 CWE-707 CWE-707 Medium Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42120) CVE-2022-42120 CWE-138 CWE-138 Critical Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121) CVE-2022-42121 CWE-138 CWE-138 High Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945) CVE-2023-33945 CWE-138 CWE-138 High Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606) CVE-2024-25606 CWE-611 CWE-611 High Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25149) CVE-2024-25149 CWE-863 CWE-863 Medium Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25604) CVE-2024-25604 CWE-863 CWE-863 Medium Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002) CVE-2024-38002 CWE-863 CWE-863 High Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-33334) CVE-2021-33334 CWE-276 CWE-276 Medium Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-38268) CVE-2021-38268 CWE-276 CWE-276 Medium Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2022-42128) CVE-2022-42128 CWE-276 CWE-276 Medium Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2022-42130) CVE-2022-42130 CWE-276 CWE-276 Medium Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2024-25605) CVE-2024-25605 CWE-276 CWE-276 Medium Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124) CVE-2022-42124 CWE-1333 CWE-1333 High Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949) CVE-2023-33949 CWE-1188 CWE-1188 High Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610) CVE-2024-25610 CWE-1188 CWE-1188 Medium Liferay DXP Missing Authorization Vulnerability (CVE-2022-39975) CVE-2022-39975 CWE-862 CWE-862 Medium Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-25146) CVE-2024-25146 CWE-203 CWE-203 Medium Liferay DXP Origin Validation Error Vulnerability (CVE-2022-25146) CVE-2022-25146 CWE-346 CWE-346 Medium Liferay DXP Other Vulnerability (CVE-2023-33946) CVE-2023-33946 Medium Liferay DXP Other Vulnerability (CVE-2023-33947) CVE-2023-33947 Medium Liferay DXP Other Vulnerability (CVE-2024-25150) CVE-2024-25150 Medium Liferay DXP Session Fixation Vulnerability (CVE-2023-47798) CVE-2023-47798 CWE-384 CWE-384 Medium Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977) CVE-2022-28977 CWE-601 CWE-601 Medium Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608) CVE-2024-25608 CWE-601 CWE-601 Medium Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609) CVE-2024-25609 CWE-601 CWE-601 Medium Liferay DXP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607) CVE-2024-25607 CWE-916 CWE-916 High Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445) CVE-2020-13445 CWE-138 CWE-138 High Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444) CVE-2019-11444 CWE-138 CWE-138 High Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884) CVE-2020-28884 CWE-138 CWE-138 High Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885) CVE-2020-28885 CWE-138 CWE-138 High Liferay JSON service API authentication vulnerability CWE-287 CWE-287 High 1...61626364...303 62 / 303
