Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and 7.2 fix pack 8 through fix pack 20 does not limit the depth ...
Continue Reading
June 16, 2025
Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and 7.2 fix pack 8 through fix pack 20 does not limit the depth ...
Continue Reading
June 16, 2025
Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and 7.2 fix pack 8 through fix pack 20 does not limit the depth ...
Continue Reading
June 16, 2025
Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and 7.2 fix pack 8 through fix pack 20 does not limit the depth ...
Continue Reading
June 16, 2025
Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and 7.2 fix pack 8 through fix pack 20 does not limit the depth ...
Continue Reading
June 16, 2025
Erxes is vulnerable to Incorrect Access Control. The vulnerability is due to authentication bypass due to improper validation of the User HTTP header, allowing attackers to impersonate users and acces ...
Continue Reading
June 13, 2025
Erxes is vulnerable to Path Traversal. The vulnerability is due to improper input validation due to insufficient sanitization of file paths in the importHistoriesCreate GraphQL mutation handler, allow ...
Continue Reading
June 12, 2025
The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser...Read M ...
Continue Reading
June 11, 2025
Back to Main
