VYPR

Maven package

com.liferay/com.liferay.site.admin.web

pkg:maven/com.liferay/com.liferay.site.admin.web

Vulnerabilities (2)

  • CVE-2025-43797Sep 15, 2025
    affected < 5.0.111fixed 5.0.111

    In Liferay Portal 7.1.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions, the default membership type of a newly created site is “Open” which allows any registered users t

  • CVE-2025-43795Sep 12, 2025
    affected >= 2.0.4, < 5.0.103fixed 5.0.103

    Open redirect vulnerability in the System Settings in Liferay Portal 7.1.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4 , 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to redirect users to arbitrary ex