Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42110) CVE-2022-42110 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42111) CVE-2022-42111 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42112) CVE-2022-42112 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42113) CVE-2022-42113 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42114) CVE-2022-42114 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42115) CVE-2022-42115 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42116) CVE-2022-42116 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42117) CVE-2022-42117 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42118) CVE-2022-42118 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42119) CVE-2022-42119 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3193) CVE-2023-3193 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33937) CVE-2023-33937 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33938) CVE-2023-33938 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33939) CVE-2023-33939 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33940) CVE-2023-33940 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33941) CVE-2023-33941 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33942) CVE-2023-33942 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33943) CVE-2023-33943 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33944) CVE-2023-33944 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42497) CVE-2023-42497 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42627) CVE-2023-42627 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42628) CVE-2023-42628 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629) CVE-2023-42629 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44309) CVE-2023-44309 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310) CVE-2023-44310 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44311) CVE-2023-44311 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47797) CVE-2023-47797 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145) CVE-2024-25145 CWE-707 CWE-707 Medium Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-29053) CVE-2021-29053 CWE-138 CWE-138 High Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42120) CVE-2022-42120 CWE-138 CWE-138 Critical Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121) CVE-2022-42121 CWE-138 CWE-138 High Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42122) CVE-2022-42122 CWE-138 CWE-138 Critical Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945) CVE-2023-33945 CWE-138 CWE-138 High Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606) CVE-2024-25606 CWE-611 CWE-611 High Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335) CVE-2021-33335 CWE-863 CWE-863 High Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25149) CVE-2024-25149 CWE-863 CWE-863 Medium Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25604) CVE-2024-25604 CWE-863 CWE-863 Medium Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002) CVE-2024-38002 CWE-863 CWE-863 High Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-29052) CVE-2021-29052 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33324) CVE-2021-33324 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33327) CVE-2021-33327 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33333) CVE-2021-33333 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33334) CVE-2021-33334 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-38268) CVE-2021-38268 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-26595) CVE-2022-26595 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-41414) CVE-2022-41414 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42127) CVE-2022-42127 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42128) CVE-2022-42128 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42130) CVE-2022-42130 CWE-276 CWE-276 Medium Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2024-25605) CVE-2024-25605 CWE-276 CWE-276 Medium Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124) CVE-2022-42124 CWE-1333 CWE-1333 High Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950) CVE-2023-33950 CWE-1333 CWE-1333 High Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949) CVE-2023-33949 CWE-1188 CWE-1188 High Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610) CVE-2024-25610 CWE-1188 CWE-1188 Medium Liferay Portal Insufficiently Protected Credentials Vulnerability (CVE-2021-29043) CVE-2021-29043 CWE-522 CWE-522 Medium Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2021-33322) CVE-2021-33322 CWE-613 CWE-613 High Liferay Portal Missing Authorization Vulnerability (CVE-2022-38512) CVE-2022-38512 CWE-862 CWE-862 Medium Liferay Portal Missing Authorization Vulnerability (CVE-2022-39975) CVE-2022-39975 CWE-862 CWE-862 Medium Liferay Portal Missing Authorization Vulnerability (CVE-2023-3426) CVE-2023-3426 CWE-862 CWE-862 Medium Liferay Portal Missing Authorization Vulnerability (CVE-2023-33948) CVE-2023-33948 CWE-862 CWE-862 High Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-25146) CVE-2024-25146 CWE-203 CWE-203 Medium Liferay Portal Origin Validation Error Vulnerability (CVE-2022-25146) CVE-2022-25146 CWE-346 CWE-346 Medium Liferay Portal Other Vulnerability (CVE-2023-33946) CVE-2023-33946 Medium Liferay Portal Other Vulnerability (CVE-2023-33947) CVE-2023-33947 Medium Liferay Portal Other Vulnerability (CVE-2024-25150) CVE-2024-25150 Medium Liferay Portal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5327) CVE-2010-5327 CWE-264 CWE-264 High Liferay Portal Session Fixation Vulnerability (CVE-2023-47798) CVE-2023-47798 CWE-384 CWE-384 Medium Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-10795) CVE-2018-10795 CWE-434 CWE-434 High Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-15839) CVE-2020-15839 CWE-434 CWE-434 Medium Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24554) CVE-2020-24554 CWE-601 CWE-601 High Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-33331) CVE-2021-33331 CWE-601 CWE-601 Medium Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977) CVE-2022-28977 CWE-601 CWE-601 Medium Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-35029) CVE-2023-35029 CWE-601 CWE-601 Medium Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608) CVE-2024-25608 CWE-601 CWE-601 Medium Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609) CVE-2024-25609 CWE-601 CWE-601 Medium 1...63646566...303 64 / 303
