VYPR

Maven package

com.liferay/com.liferay.dynamic.data.mapping.form.field.type

pkg:maven/com.liferay/com.liferay.dynamic.data.mapping.form.field.type

Vulnerabilities (4)

  • CVE-2025-43800Sep 15, 2025
    affected < 6.0.167fixed 6.0.167

    Cross-site scripting (XSS) vulnerability in Objects in Liferay Portal 7.4.3.20 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4 and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into

  • CVE-2025-43791Sep 15, 2025
    affected < 6.0.167fixed 6.0.167

    Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 36 allow remote attackers to inject arbitrary web script or HTML via a crafted

  • CVE-2025-43762Aug 22, 2025
    affected < 6.0.187fixed 6.0.187

    Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of fil

  • CVE-2022-26594Apr 15, 2022
    affected < 6.0.11fixed 6.0.11

    Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.5 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allow remote attackers to inject arbitrary web script or HTML via a form field's help text to (1) Forms module's form builder, or (2) App Builder m