Liferay
Security Scorecard
Score
42F
Total CVEs
60
Patch Rate
0%
0 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical1
High4
Medium55
Low0
Patch Status
Patched0 (0%)
Partial/Workaround2 (3%)
Unpatched58 (97%)
CVEs (60)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-43801 | Liferay XML-RPC Denial-of-Service | HIGH | 7.5 | - | Unknown |
| CVE-2025-43800 | Liferay XSS Vulnerability | MEDIUM | 6.1 | 92d | Unpatched |
| CVE-2025-43798 | Liferay DXP Security Vulnerability | MEDIUM | 6.5 | 92d | Unpatched |
| CVE-2025-43797 | Liferay Portal Site Membership Bypass | MEDIUM | 5.4 | 92d | Unpatched |
| CVE-2025-43788 | Liferay Portal Organization Selector Bypass | MEDIUM | 4.3 | 95d | Unpatched |
| CVE-2025-43796 | Liferay GraphQL Denial-of-Service (DoS) | HIGH | 7.5 | 95d | Unpatched |
| CVE-2025-43782 | Liferay IDOR Vulnerability | MEDIUM | 4.3 | 96d | Unpatched |
| CVE-2025-43763 | Liferay Portal SSRF Vulnerability | MEDIUM | 6.5 | - | Unknown |
| CVE-2025-43778 | Liferay Portal Cross-Site Scripting Vulnerability | MEDIUM | 6.1 | - | Unknown |
| CVE-2025-43775 | Liferay Portal XSS | MEDIUM | 5.4 | 98d | Unpatched |