pkg:Maven/com.liferay.portal:com.liferay.portal.kernel

All known vulnerabilities

• CRITICAL9.8CVE-2020-7961⚠ KEVDeserialization of Untrusted Data in Liferay Portal
  from 0, < 4.35.3
• HIGH8.1CVE-2024-25607Liferay Portal defaults to a low work factor for the default password hashing algorithm
  from 0, < 38.0.0
• —CVE-2025-43792Liferay Portal has External Control of System or Configuration Settings
  from 0, < 130.0.1
• —Liferay Portal has Improper Validation of Specified Quantity in Input
  from 0, < 130.0.1
• —Liferay Portal vulnerable to Reflected XSS with the referer and forward parameter
  from 0, < 155.0.0
• —Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session
  from 0, < 38.0.0