VYPR

Maven package

com.liferay/com.liferay.account.admin.web

pkg:maven/com.liferay/com.liferay.account.admin.web

Vulnerabilities (3)

  • CVE-2025-62263Oct 27, 2025
    affected >= 2.0.0, < 2.0.108fixed 2.0.108

    Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.7 through 7.4.3.103, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 service pack 3 through update 36 allow remote attackers to inject arbitrary web script or HTML via a crafted p

  • CVE-2025-62238Oct 10, 2025
    affected >= 2.0.40, < 2.0.114fixed 2.0.114

    Stored cross-site scripting (XSS) vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attac

  • CVE-2025-43736Aug 12, 2025
    affected < 2.0.138fixed 2.0.138

    A Denial Of Service via File Upload (DOS) vulnerability in the Liferay Portal 7.4.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA t