Количество 2
Количество 2
CVE-2025-43798
Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35 allows a time-based one-time password (TOTP) to be used multiple times during the validity period, which allows attackers with access to a user’s TOTP to authenticate as the user.
GHSA-4p5r-3jmm-652q
Liferay DXP Missing Critical Step in Authentication
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43798 Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35 allows a time-based one-time password (TOTP) to be used multiple times during the validity period, which allows attackers with access to a user’s TOTP to authenticate as the user. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
| GHSA-4p5r-3jmm-652q Liferay DXP Missing Critical Step in Authentication | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу