VYPR

Maven package

com.liferay/com.liferay.frontend.editor.ckeditor.web

pkg:maven/com.liferay/com.liferay.frontend.editor.ckeditor.web

Vulnerabilities (3)

  • CVE-2025-43783Sep 10, 2025
    affected >= 5.0.76, < 5.0.102fixed 5.0.102

    Reflected cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.3.73 through 7.4.3.128, and Liferay DXP 2024.Q3.0 through 2024.Q3.1, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 7.4 update 73 through update 92 allows remote attackers to inject arbitrary we

  • CVE-2025-43761Aug 22, 2025
    affected < 5.0.107fixed 5.0.107

    A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote

  • CVE-2022-42116Oct 18, 2022
    affected < 5.0.46fixed 5.0.46

    A Cross-site scripting (XSS) vulnerability in the Frontend Editor module's integration with CKEditor in Liferay Portal 7.3.2 through 7.4.3.14, and Liferay DXP 7.3 before update 6, and 7.4 before update 15 allows remote attackers to inject arbitrary web script or HTML via the (1)