Количество 2
Количество 2
CVE-2025-62275
Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions does not check permission of images in a blog entry, which allows remote attackers to view the images in a blog entry via crafted URL.
GHSA-xf7m-v66q-76w8
Liferay Portal and DXP do not check permissions of images in a blog entry
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-62275 Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions does not check permission of images in a blog entry, which allows remote attackers to view the images in a blog entry via crafted URL. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
| GHSA-xf7m-v66q-76w8 Liferay Portal and DXP do not check permissions of images in a blog entry | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу