CVE-2024-25145
https://notcve.org/view.php?id=CVE-2024-25145
Stored cross-site scripting (XSS) vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject arbitrary web script or HTML into the Search Result app's search result if highlighting is disabled by adding any searchable content (e.g., blog, message board message, web content article) to the application. Vulnerabilidad de cross-site scripting (XSS) almacenado en la aplicación Resultados de búsqueda del módulo Portal Search en Liferay Portal 7.2.0 a 7.4.3.11 y versiones anteriores no compatibles, y Liferay DXP 7.4 antes de la actualización 8, 7.3 antes de la actualización 4, 7.2 antes del fixpack 17 y versiones anteriores no compatibles permiten a los usuarios autenticados remotamente inyectar scripts web o HTML arbitrario en el resultado de búsqueda de la aplicación Resultados de búsqueda si el resaltado está deshabilitado agregando cualquier contenido que permita realizar búsquedas (por ejemplo, blog, mensaje en el tablero de mensajes, artículo de contenido web) a la aplicación. • https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25145 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-33949
https://notcve.org/view.php?id=CVE-2023-33949
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property `company.security.strangers.verify` should be set to true. • https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33949 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVE-2021-33990 – Liferay Portal 6.2.5 - Insecure Permissions
https://notcve.org/view.php?id=CVE-2021-33990
Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE: The vendor disputes this issue because the exploit reference link only shows frmfolders.html is accessible and does not demonstrate how an unauthorized user can upload a file. Liferay Portal version 6.2.5 suffers from an insecure permissions vulnerability. • https://www.exploit-db.com/exploits/51244 http://packetstormsecurity.com/files/171701/Liferay-Portal-6.2.5-Insecure-Permissions.html https://github.com/fu2x2000/Liferay_exploit_Poc • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-281: Improper Preservation of Permissions •
CVE-2022-42132
https://notcve.org/view.php?id=CVE-2022-42132
The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, which allows man-in-the-middle attackers or attackers with access to the request logs to see the LDAP credential. La funcionalidad Probar usuarios de LDAP en Liferay Portal 7.0.0 a 7.4.3.4, y Liferay DXP 7.0 fixpack 102 y anteriores, 7.1 antes del fixpack 27, 7.2 antes del fixpack 17, 7.3 antes de la actualización 4 y DXP 7.4 GA incluye LDAP credencial en la URL de la página al paginar a través de la lista de usuarios, lo que permite a los atacantes intermediarios o a los atacantes con acceso a los registros de solicitudes ver la credencial LDAP. • http://liferay.com https://issues.liferay.com/browse/LPE-17438 https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42132 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-41414
https://notcve.org/view.php?id=CVE-2022-41414
An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages. Un fallo no seguro en el componente auth.login.prompt.enabled de Liferay Portal versiones v7.0.0 hasta v7.4.2, permite a atacantes enumerar nombres de usuarios, nombres de sitios y páginas • https://portal.liferay.dev/learn/security/known-vulnerabilities • CWE-276: Incorrect Default Permissions •