Количество 2
Количество 2
CVE-2025-43809
Cross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.7, 2023.Q3.1 through 2023.Q3.9, 7.4 GA through update 92, and older unsupported versions allows remote attackers to register a server license via the 'orderUuid' parameter.
GHSA-697h-3q6m-jwp4
Liferay Portal Cross-Site Request Forgery (CSRF) vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43809 Cross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.7, 2023.Q3.1 through 2023.Q3.9, 7.4 GA through update 92, and older unsupported versions allows remote attackers to register a server license via the 'orderUuid' parameter. | CVSS3: 4.3 | 0% Низкий | 5 месяцев назад |
| GHSA-697h-3q6m-jwp4 Liferay Portal Cross-Site Request Forgery (CSRF) vulnerability | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу