Количество 2
Количество 2
CVE-2025-43766
The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows the upload of unrestricted files in the style books component that are processed within the environment enabling arbitrary code execution by attackers.
GHSA-mf9q-87xx-jgvv
Liferay Portal allows unrestricted upload of file in the style books component
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43766 The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows the upload of unrestricted files in the style books component that are processed within the environment enabling arbitrary code execution by attackers. | CVSS3: 9.8 | 0% Низкий | 6 месяцев назад |
| GHSA-mf9q-87xx-jgvv Liferay Portal allows unrestricted upload of file in the style books component | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу