Количество 2
Количество 2
CVE-2025-43789
JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes which allows Service Access Policies get executed.
GHSA-q86r-gwqc-jx85
Liferay Portal JSON Web Services Direct Class Invocation Enables Service Access Policy Execution
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43789 JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes which allows Service Access Policies get executed. | CVSS3: 5.3 | 0% Низкий | 5 месяцев назад |
| GHSA-q86r-gwqc-jx85 Liferay Portal JSON Web Services Direct Class Invocation Enables Service Access Policy Execution | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу