{"url":"http://public2.vulnerablecode.io/api/packages/23379?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.0.0","type":"maven","namespace":"com.liferay.portal","name":"release.portal.bom","version":"7.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/144247?format=json","vulnerability_id":"VCID-389t-vg2c-cbg6","summary":"In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property `company.security.strangers.verify` should be set to true.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33949","reference_id":"","reference_type":"","scores":[{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.57247","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.57129","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33949"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33949","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33949"},{"reference_url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33949","reference_id":"cve-2023-33949","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:48:38Z/"}],"url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33949"},{"reference_url":"https://github.com/advisories/GHSA-g9mr-9xfc-4gf7","reference_id":"GHSA-g9mr-9xfc-4gf7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g9mr-9xfc-4gf7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22461?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bjj-tjj8-pudd"},{"vulnerability":"VCID-1c5p-sera-j3bg"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-4qnf-vd8e-9yfr"},{"vulnerability":"VCID-5gqq-m36a-53b6"},{"vulnerability":"VCID-6e5j-scss-jucz"},{"vulnerability":"VCID-6ejn-7nds-1qb6"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-76r8-wfvh-pkg4"},{"vulnerability":"VCID-7ffj-jw2k-m3a6"},{"vulnerability":"VCID-9bfa-6qqd-d7gb"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-ank8-p9qa-9udx"},{"vulnerability":"VCID-ar4h-r3ga-w7gt"},{"vulnerability":"VCID-b12f-kdez-2qau"},{"vulnerability":"VCID-bmbd-g58w-z3gy"},{"vulnerability":"VCID-cn1e-v8j7-mfhp"},{"vulnerability":"VCID-d3cx-1jmf-cfc4"},{"vulnerability":"VCID-dy73-grbk-tyb6"},{"vulnerability":"VCID-ed9v-m3q5-6yaq"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-fer2-q3rr-2khd"},{"vulnerability":"VCID-fx8b-2pzj-uyg6"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-g6wt-vwuh-cua8"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-hpqu-qfg1-rygw"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-jrqh-vfu7-dkfh"},{"vulnerability":"VCID-jxe5-tt8r-cbag"},{"vulnerability":"VCID-k469-ety8-rqby"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-m2ex-r993-6qcp"},{"vulnerability":"VCID-mqut-n4an-x3cs"},{"vulnerability":"VCID-n4t4-bb8c-nub4"},{"vulnerability":"VCID-n634-fspx-judk"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-qaj9-m3df-7qbr"},{"vulnerability":"VCID-qztv-899y-sbb8"},{"vulnerability":"VCID-rn7g-6h98-duek"},{"vulnerability":"VCID-t2ys-d2mh-xygr"},{"vulnerability":"VCID-tgpb-tps9-wfd5"},{"vulnerability":"VCID-trgc-963v-9ue4"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-umd8-9ypn-zkdk"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-v9m5-8c56-tuhb"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-ww6r-hc6t-eqgp"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-yffn-r39p-nfcp"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-yxjx-p7zs-3fec"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.3.1"}],"aliases":["CVE-2023-33949","GHSA-g9mr-9xfc-4gf7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-389t-vg2c-cbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/322077?format=json","vulnerability_id":"VCID-9bfa-6qqd-d7gb","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13444","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48601","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48463","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13444"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://issues.liferay.com/browse/LPE-17009","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.liferay.com/browse/LPE-17009"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13444","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13444"},{"reference_url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317396","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317396"},{"reference_url":"https://github.com/advisories/GHSA-8j5r-9687-88w5","reference_id":"GHSA-8j5r-9687-88w5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8j5r-9687-88w5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19590?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bjj-tjj8-pudd"},{"vulnerability":"VCID-1c5p-sera-j3bg"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-4qnf-vd8e-9yfr"},{"vulnerability":"VCID-5gqq-m36a-53b6"},{"vulnerability":"VCID-6e5j-scss-jucz"},{"vulnerability":"VCID-6ejn-7nds-1qb6"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-76r8-wfvh-pkg4"},{"vulnerability":"VCID-7ffj-jw2k-m3a6"},{"vulnerability":"VCID-88u7-stft-ebdh"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-ank8-p9qa-9udx"},{"vulnerability":"VCID-ar4h-r3ga-w7gt"},{"vulnerability":"VCID-b12f-kdez-2qau"},{"vulnerability":"VCID-bmbd-g58w-z3gy"},{"vulnerability":"VCID-cn1e-v8j7-mfhp"},{"vulnerability":"VCID-d3cx-1jmf-cfc4"},{"vulnerability":"VCID-ed9v-m3q5-6yaq"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-fx8b-2pzj-uyg6"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-g6wt-vwuh-cua8"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-h9vv-1cu6-jydx"},{"vulnerability":"VCID-hpqu-qfg1-rygw"},{"vulnerability":"VCID-hvhc-kn1w-qkac"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-jxe5-tt8r-cbag"},{"vulnerability":"VCID-k469-ety8-rqby"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-m2ex-r993-6qcp"},{"vulnerability":"VCID-mqut-n4an-x3cs"},{"vulnerability":"VCID-mzzp-psnm-muhm"},{"vulnerability":"VCID-n4t4-bb8c-nub4"},{"vulnerability":"VCID-n634-fspx-judk"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-qaj9-m3df-7qbr"},{"vulnerability":"VCID-qztv-899y-sbb8"},{"vulnerability":"VCID-rn7g-6h98-duek"},{"vulnerability":"VCID-sqsw-skt9-93dt"},{"vulnerability":"VCID-t2ys-d2mh-xygr"},{"vulnerability":"VCID-tgpb-tps9-wfd5"},{"vulnerability":"VCID-trgc-963v-9ue4"},{"vulnerability":"VCID-u5rg-89bb-wbfy"},{"vulnerability":"VCID-u9gz-jcnn-syby"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-umd8-9ypn-zkdk"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-v9m5-8c56-tuhb"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-ww6r-hc6t-eqgp"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-yffn-r39p-nfcp"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-yxjx-p7zs-3fec"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.3.2"}],"aliases":["CVE-2020-13444","GHSA-8j5r-9687-88w5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9bfa-6qqd-d7gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210480?format=json","vulnerability_id":"VCID-b12f-kdez-2qau","summary":"Liferay Portal and Liferay DXP Fails to Properly Check User Permissions","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33334","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24094","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23897","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33334"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://issues.liferay.com/browse/LPE-17039","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.liferay.com/browse/LPE-17039"},{"reference_url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748332","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748332"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33334","reference_id":"CVE-2021-33334","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33334"},{"reference_url":"https://github.com/advisories/GHSA-g37f-j8hh-736f","reference_id":"GHSA-g37f-j8hh-736f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g37f-j8hh-736f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/500398?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.3.2-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bjj-tjj8-pudd"},{"vulnerability":"VCID-1c5p-sera-j3bg"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-5gqq-m36a-53b6"},{"vulnerability":"VCID-6e5j-scss-jucz"},{"vulnerability":"VCID-6jsv-kw7h-9yeu"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-76r8-wfvh-pkg4"},{"vulnerability":"VCID-7ffj-jw2k-m3a6"},{"vulnerability":"VCID-88u7-stft-ebdh"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-ank8-p9qa-9udx"},{"vulnerability":"VCID-ar4h-r3ga-w7gt"},{"vulnerability":"VCID-bmbd-g58w-z3gy"},{"vulnerability":"VCID-cn1e-v8j7-mfhp"},{"vulnerability":"VCID-d3cx-1jmf-cfc4"},{"vulnerability":"VCID-ed9v-m3q5-6yaq"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-fx8b-2pzj-uyg6"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-g6wt-vwuh-cua8"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-h9vv-1cu6-jydx"},{"vulnerability":"VCID-hpqu-qfg1-rygw"},{"vulnerability":"VCID-hvhc-kn1w-qkac"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-jxe5-tt8r-cbag"},{"vulnerability":"VCID-k469-ety8-rqby"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-m2ex-r993-6qcp"},{"vulnerability":"VCID-mqut-n4an-x3cs"},{"vulnerability":"VCID-mzzp-psnm-muhm"},{"vulnerability":"VCID-n4t4-bb8c-nub4"},{"vulnerability":"VCID-n634-fspx-judk"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-qaj9-m3df-7qbr"},{"vulnerability":"VCID-qztv-899y-sbb8"},{"vulnerability":"VCID-rn7g-6h98-duek"},{"vulnerability":"VCID-sqsw-skt9-93dt"},{"vulnerability":"VCID-t2ys-d2mh-xygr"},{"vulnerability":"VCID-tgpb-tps9-wfd5"},{"vulnerability":"VCID-trgc-963v-9ue4"},{"vulnerability":"VCID-u5rg-89bb-wbfy"},{"vulnerability":"VCID-u9gz-jcnn-syby"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-umd8-9ypn-zkdk"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-v9m5-8c56-tuhb"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-ww6r-hc6t-eqgp"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-yffn-r39p-nfcp"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.3.2-1"}],"aliases":["CVE-2021-33334","GHSA-g37f-j8hh-736f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b12f-kdez-2qau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210425?format=json","vulnerability_id":"VCID-g6wt-vwuh-cua8","summary":"Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via Membership Request Admin Page","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29044","reference_id":"","reference_type":"","scores":[{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.6523","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.6533","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29044"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://web.archive.org/web/20210524195727/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743548","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210524195727/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743548"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29044","reference_id":"CVE-2021-29044","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29044"},{"reference_url":"https://github.com/advisories/GHSA-wcr5-3q96-c2gr","reference_id":"GHSA-wcr5-3q96-c2gr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wcr5-3q96-c2gr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23367?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bjj-tjj8-pudd"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-5gqq-m36a-53b6"},{"vulnerability":"VCID-6e5j-scss-jucz"},{"vulnerability":"VCID-6jsv-kw7h-9yeu"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-7ffj-jw2k-m3a6"},{"vulnerability":"VCID-88u7-stft-ebdh"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-ank8-p9qa-9udx"},{"vulnerability":"VCID-cn1e-v8j7-mfhp"},{"vulnerability":"VCID-d3cx-1jmf-cfc4"},{"vulnerability":"VCID-ed9v-m3q5-6yaq"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-h9vv-1cu6-jydx"},{"vulnerability":"VCID-hpqu-qfg1-rygw"},{"vulnerability":"VCID-hvhc-kn1w-qkac"},{"vulnerability":"VCID-jg5a-j9vb-f7hk"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-k469-ety8-rqby"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-mqut-n4an-x3cs"},{"vulnerability":"VCID-mzzp-psnm-muhm"},{"vulnerability":"VCID-n634-fspx-judk"},{"vulnerability":"VCID-pcat-aa3f-kqeg"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-qztv-899y-sbb8"},{"vulnerability":"VCID-rjjs-an4q-6qaf"},{"vulnerability":"VCID-rn7g-6h98-duek"},{"vulnerability":"VCID-ser9-x7zq-dqdv"},{"vulnerability":"VCID-t2ys-d2mh-xygr"},{"vulnerability":"VCID-tgpb-tps9-wfd5"},{"vulnerability":"VCID-trgc-963v-9ue4"},{"vulnerability":"VCID-u5rg-89bb-wbfy"},{"vulnerability":"VCID-u9gz-jcnn-syby"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-umd8-9ypn-zkdk"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-zc53-8p5g-2kcv"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.3.6"}],"aliases":["CVE-2021-29044","GHSA-wcr5-3q96-c2gr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g6wt-vwuh-cua8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210477?format=json","vulnerability_id":"VCID-jrqh-vfu7-dkfh","summary":"Liferay Portal and Liferay DXP Allows Arbitrary Redirect of Users to External URLs","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33331","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58399","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58286","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33331"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://issues.liferay.com/browse/LPE-17022","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.liferay.com/browse/LPE-17022"},{"reference_url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747627","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747627"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33331","reference_id":"CVE-2021-33331","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33331"},{"reference_url":"https://github.com/advisories/GHSA-mj8w-h522-jwm8","reference_id":"GHSA-mj8w-h522-jwm8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mj8w-h522-jwm8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/500397?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bjj-tjj8-pudd"},{"vulnerability":"VCID-1c5p-sera-j3bg"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-4qnf-vd8e-9yfr"},{"vulnerability":"VCID-5gqq-m36a-53b6"},{"vulnerability":"VCID-6e5j-scss-jucz"},{"vulnerability":"VCID-6ejn-7nds-1qb6"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-76r8-wfvh-pkg4"},{"vulnerability":"VCID-7ffj-jw2k-m3a6"},{"vulnerability":"VCID-88u7-stft-ebdh"},{"vulnerability":"VCID-9bfa-6qqd-d7gb"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-ank8-p9qa-9udx"},{"vulnerability":"VCID-ar4h-r3ga-w7gt"},{"vulnerability":"VCID-b12f-kdez-2qau"},{"vulnerability":"VCID-bmbd-g58w-z3gy"},{"vulnerability":"VCID-cn1e-v8j7-mfhp"},{"vulnerability":"VCID-d3cx-1jmf-cfc4"},{"vulnerability":"VCID-dy73-grbk-tyb6"},{"vulnerability":"VCID-ed9v-m3q5-6yaq"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-fer2-q3rr-2khd"},{"vulnerability":"VCID-fx8b-2pzj-uyg6"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-g6wt-vwuh-cua8"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-hpqu-qfg1-rygw"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-jxe5-tt8r-cbag"},{"vulnerability":"VCID-k469-ety8-rqby"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-m2ex-r993-6qcp"},{"vulnerability":"VCID-mqut-n4an-x3cs"},{"vulnerability":"VCID-n4t4-bb8c-nub4"},{"vulnerability":"VCID-n634-fspx-judk"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-qaj9-m3df-7qbr"},{"vulnerability":"VCID-qztv-899y-sbb8"},{"vulnerability":"VCID-rn7g-6h98-duek"},{"vulnerability":"VCID-t2ys-d2mh-xygr"},{"vulnerability":"VCID-tgpb-tps9-wfd5"},{"vulnerability":"VCID-trgc-963v-9ue4"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-umd8-9ypn-zkdk"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-v9m5-8c56-tuhb"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-ww6r-hc6t-eqgp"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-yffn-r39p-nfcp"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-yxjx-p7zs-3fec"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.3.1-1"}],"aliases":["CVE-2021-33331","GHSA-mj8w-h522-jwm8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jrqh-vfu7-dkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210483?format=json","vulnerability_id":"VCID-n4t4-bb8c-nub4","summary":"Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Edit Vocabulary Page","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33328","reference_id":"","reference_type":"","scores":[{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35219","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35041","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33328"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://issues.liferay.com/browse/LPE-17100","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.liferay.com/browse/LPE-17100"},{"reference_url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747972"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33328","reference_id":"CVE-2021-33328","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33328"},{"reference_url":"https://github.com/advisories/GHSA-vpvm-3wfw-5f5c","reference_id":"GHSA-vpvm-3wfw-5f5c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vpvm-3wfw-5f5c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23363?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bjj-tjj8-pudd"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-5gqq-m36a-53b6"},{"vulnerability":"VCID-6e5j-scss-jucz"},{"vulnerability":"VCID-6jsv-kw7h-9yeu"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-7ffj-jw2k-m3a6"},{"vulnerability":"VCID-88u7-stft-ebdh"},{"vulnerability":"VCID-91rc-5gz3-dbcf"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-ank8-p9qa-9udx"},{"vulnerability":"VCID-bmbd-g58w-z3gy"},{"vulnerability":"VCID-cn1e-v8j7-mfhp"},{"vulnerability":"VCID-cn4z-f8ej-ruha"},{"vulnerability":"VCID-d3cx-1jmf-cfc4"},{"vulnerability":"VCID-ed9v-m3q5-6yaq"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-fmsa-bc5s-s3e7"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-g6wt-vwuh-cua8"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-h9vv-1cu6-jydx"},{"vulnerability":"VCID-hpqu-qfg1-rygw"},{"vulnerability":"VCID-hvhc-kn1w-qkac"},{"vulnerability":"VCID-jg5a-j9vb-f7hk"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-k469-ety8-rqby"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-mqut-n4an-x3cs"},{"vulnerability":"VCID-mzzp-psnm-muhm"},{"vulnerability":"VCID-n634-fspx-judk"},{"vulnerability":"VCID-pcat-aa3f-kqeg"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-qaj9-m3df-7qbr"},{"vulnerability":"VCID-qztv-899y-sbb8"},{"vulnerability":"VCID-rjjs-an4q-6qaf"},{"vulnerability":"VCID-rn7g-6h98-duek"},{"vulnerability":"VCID-ser9-x7zq-dqdv"},{"vulnerability":"VCID-sqsw-skt9-93dt"},{"vulnerability":"VCID-t2ys-d2mh-xygr"},{"vulnerability":"VCID-t5h8-q4q5-a3em"},{"vulnerability":"VCID-tgpb-tps9-wfd5"},{"vulnerability":"VCID-trgc-963v-9ue4"},{"vulnerability":"VCID-u5rg-89bb-wbfy"},{"vulnerability":"VCID-u9gz-jcnn-syby"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-umd8-9ypn-zkdk"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-v9m5-8c56-tuhb"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-zc53-8p5g-2kcv"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.3.5"}],"aliases":["CVE-2021-33328","GHSA-vpvm-3wfw-5f5c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n4t4-bb8c-nub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/166388?format=json","vulnerability_id":"VCID-t2ys-d2mh-xygr","summary":"The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, which allows man-in-the-middle attackers or attackers with access to the request logs to see the LDAP credential.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42132","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56306","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56187","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42132"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://github.com/liferay/liferay-portal/commit/4a53b64fb714c7ff989b99ddccc3de116095453d","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal/commit/4a53b64fb714c7ff989b99ddccc3de116095453d"},{"reference_url":"https://github.com/liferay/liferay-portal/commit/b6cff511119d71dea38f5485761730f4fb5d4430","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal/commit/b6cff511119d71dea38f5485761730f4fb5d4430"},{"reference_url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2022-42132?p_r_p_assetEntryId=121613918&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121613918%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2022-42132?p_r_p_assetEntryId=121613918&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121613918%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse"},{"reference_url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42132","reference_id":"cve-2022-42132","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T14:17:39Z/"}],"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42132"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42132","reference_id":"CVE-2022-42132","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42132"},{"reference_url":"https://web.archive.org/web/20221020134303/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42132","reference_id":"CVE-2022-42132","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20221020134303/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42132"},{"reference_url":"https://github.com/advisories/GHSA-f43m-hhj4-q3jg","reference_id":"GHSA-f43m-hhj4-q3jg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f43m-hhj4-q3jg"},{"reference_url":"http://liferay.com","reference_id":"liferay.com","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T14:17:39Z/"}],"url":"http://liferay.com"},{"reference_url":"https://issues.liferay.com/browse/LPE-17438","reference_id":"LPE-17438","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T14:17:39Z/"}],"url":"https://issues.liferay.com/browse/LPE-17438"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27865?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.5-ga5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.5-ga5"},{"url":"http://public2.vulnerablecode.io/api/packages/587546?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39dv-ngxr-vbaj"},{"vulnerability":"VCID-3cm9-v7g5-kfcn"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-493t-ab65-pff3"},{"vulnerability":"VCID-4m1t-nd28-43b2"},{"vulnerability":"VCID-55fq-h94e-kuep"},{"vulnerability":"VCID-5rce-t9wm-4ycx"},{"vulnerability":"VCID-5ytw-d875-3yfe"},{"vulnerability":"VCID-69x9-5buz-1yht"},{"vulnerability":"VCID-6f8z-s1fz-57b2"},{"vulnerability":"VCID-6jsv-kw7h-9yeu"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-73u9-6qzv-t7f7"},{"vulnerability":"VCID-7bjy-2h8a-ukbe"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-beqe-x5p8-23b9"},{"vulnerability":"VCID-c2hc-pbr7-2yhz"},{"vulnerability":"VCID-d9qm-h8q2-sfda"},{"vulnerability":"VCID-eb9n-cwf1-fbga"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-ep8t-7k2h-2kdp"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-evtz-a8xn-e7b6"},{"vulnerability":"VCID-ext6-8u2c-xufv"},{"vulnerability":"VCID-f6z5-3pp9-7qey"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-gfwc-qjpr-6fgf"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-hqwn-t5mr-13ab"},{"vulnerability":"VCID-hthn-qn9g-u3dv"},{"vulnerability":"VCID-j2r3-g95d-hued"},{"vulnerability":"VCID-jg5a-j9vb-f7hk"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-k56t-ry18-zbg4"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-mmy3-eycu-q7bu"},{"vulnerability":"VCID-p1dw-dttz-x7ee"},{"vulnerability":"VCID-pcat-aa3f-kqeg"},{"vulnerability":"VCID-ph25-5qgg-zfer"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-rcmj-djgg-bqf7"},{"vulnerability":"VCID-rjjs-an4q-6qaf"},{"vulnerability":"VCID-ser9-x7zq-dqdv"},{"vulnerability":"VCID-twb2-9ane-tfdw"},{"vulnerability":"VCID-u5rg-89bb-wbfy"},{"vulnerability":"VCID-u9gz-jcnn-syby"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-vcth-rrmy-5qej"},{"vulnerability":"VCID-vh4z-622g-j7d6"},{"vulnerability":"VCID-w2a5-j7ew-mbet"},{"vulnerability":"VCID-w71u-16bg-nke4"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-xftu-6k5q-7ub6"},{"vulnerability":"VCID-xvs7-58y1-3ybj"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-y38f-84j9-fygf"},{"vulnerability":"VCID-yagv-6mp3-v7hf"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-zc53-8p5g-2kcv"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.6"}],"aliases":["CVE-2022-42132","GHSA-f43m-hhj4-q3jg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ys-d2mh-xygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210420?format=json","vulnerability_id":"VCID-v9m5-8c56-tuhb","summary":"Liferay Portal and Liferay DXP May Reveal S3 Store's Proxy Password","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29043","reference_id":"","reference_type":"","scores":[{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42759","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42597","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29043"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743515","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743515"},{"reference_url":"https://web.archive.org/web/20210517183617/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743515","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210517183617/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743515"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29043","reference_id":"CVE-2021-29043","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29043"},{"reference_url":"https://github.com/advisories/GHSA-xx2h-2hf5-v7vv","reference_id":"GHSA-xx2h-2hf5-v7vv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xx2h-2hf5-v7vv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23367?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bjj-tjj8-pudd"},{"vulnerability":"VCID-48hp-m4m8-cqge"},{"vulnerability":"VCID-5gqq-m36a-53b6"},{"vulnerability":"VCID-6e5j-scss-jucz"},{"vulnerability":"VCID-6jsv-kw7h-9yeu"},{"vulnerability":"VCID-6jw2-chce-suhn"},{"vulnerability":"VCID-72my-1zwg-a7hx"},{"vulnerability":"VCID-7ffj-jw2k-m3a6"},{"vulnerability":"VCID-88u7-stft-ebdh"},{"vulnerability":"VCID-9u32-4n1x-77ce"},{"vulnerability":"VCID-9v1n-scdh-a3du"},{"vulnerability":"VCID-a62g-s5j4-73fr"},{"vulnerability":"VCID-ank8-p9qa-9udx"},{"vulnerability":"VCID-cn1e-v8j7-mfhp"},{"vulnerability":"VCID-d3cx-1jmf-cfc4"},{"vulnerability":"VCID-ed9v-m3q5-6yaq"},{"vulnerability":"VCID-efzj-vsre-1ygm"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-g52h-8r1h-dfhe"},{"vulnerability":"VCID-gngs-dm98-eqc2"},{"vulnerability":"VCID-h9vv-1cu6-jydx"},{"vulnerability":"VCID-hpqu-qfg1-rygw"},{"vulnerability":"VCID-hvhc-kn1w-qkac"},{"vulnerability":"VCID-jg5a-j9vb-f7hk"},{"vulnerability":"VCID-jh4y-y7np-9fav"},{"vulnerability":"VCID-k469-ety8-rqby"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-mqut-n4an-x3cs"},{"vulnerability":"VCID-mzzp-psnm-muhm"},{"vulnerability":"VCID-n634-fspx-judk"},{"vulnerability":"VCID-pcat-aa3f-kqeg"},{"vulnerability":"VCID-ph4a-tj1g-ykc8"},{"vulnerability":"VCID-qztv-899y-sbb8"},{"vulnerability":"VCID-rjjs-an4q-6qaf"},{"vulnerability":"VCID-rn7g-6h98-duek"},{"vulnerability":"VCID-ser9-x7zq-dqdv"},{"vulnerability":"VCID-t2ys-d2mh-xygr"},{"vulnerability":"VCID-tgpb-tps9-wfd5"},{"vulnerability":"VCID-trgc-963v-9ue4"},{"vulnerability":"VCID-u5rg-89bb-wbfy"},{"vulnerability":"VCID-u9gz-jcnn-syby"},{"vulnerability":"VCID-ughz-r7ds-6qfu"},{"vulnerability":"VCID-umd8-9ypn-zkdk"},{"vulnerability":"VCID-uu4f-gvmj-7key"},{"vulnerability":"VCID-uxjd-h6fd-sbgf"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-xy7e-q9wh-fkh4"},{"vulnerability":"VCID-yp7c-xgj7-s3h2"},{"vulnerability":"VCID-zc53-8p5g-2kcv"},{"vulnerability":"VCID-zkm4-bz55-9bb8"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.3.6"}],"aliases":["CVE-2021-29043","GHSA-xx2h-2hf5-v7vv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9m5-8c56-tuhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/138648?format=json","vulnerability_id":"VCID-zkm4-bz55-9bb8","summary":"Cross-site scripting (XSS) vulnerability in the edit Service Access Policy page in Liferay Portal 7.0.0 through 7.4.3.87, and Liferay DXP 7.4 GA through update 87, 7.3 GA through update 29, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a service access policy's `Service Class` text field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-37940","reference_id":"","reference_type":"","scores":[{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38976","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38804","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-37940"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-37940","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-37940"},{"reference_url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2023-37940","reference_id":"CVE-2023-37940","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-17T21:41:20Z/"}],"url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2023-37940"},{"reference_url":"https://github.com/advisories/GHSA-px38-239g-x5mg","reference_id":"GHSA-px38-239g-x5mg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-px38-239g-x5mg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372310?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.88","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cm9-v7g5-kfcn"},{"vulnerability":"VCID-4m1t-nd28-43b2"},{"vulnerability":"VCID-55fq-h94e-kuep"},{"vulnerability":"VCID-5rce-t9wm-4ycx"},{"vulnerability":"VCID-5ytw-d875-3yfe"},{"vulnerability":"VCID-69x9-5buz-1yht"},{"vulnerability":"VCID-6f8z-s1fz-57b2"},{"vulnerability":"VCID-6jsv-kw7h-9yeu"},{"vulnerability":"VCID-73u9-6qzv-t7f7"},{"vulnerability":"VCID-7bjy-2h8a-ukbe"},{"vulnerability":"VCID-99sz-6eag-3kff"},{"vulnerability":"VCID-9seq-71yb-tfcf"},{"vulnerability":"VCID-beqe-x5p8-23b9"},{"vulnerability":"VCID-c2hc-pbr7-2yhz"},{"vulnerability":"VCID-d49a-szjx-jub1"},{"vulnerability":"VCID-d9qm-h8q2-sfda"},{"vulnerability":"VCID-deaj-uts6-aqb5"},{"vulnerability":"VCID-dztj-3hzz-3bcg"},{"vulnerability":"VCID-eb9n-cwf1-fbga"},{"vulnerability":"VCID-ep8t-7k2h-2kdp"},{"vulnerability":"VCID-epds-vwku-cyed"},{"vulnerability":"VCID-evtz-a8xn-e7b6"},{"vulnerability":"VCID-ext6-8u2c-xufv"},{"vulnerability":"VCID-f6z5-3pp9-7qey"},{"vulnerability":"VCID-gfwc-qjpr-6fgf"},{"vulnerability":"VCID-hqwn-t5mr-13ab"},{"vulnerability":"VCID-hthn-qn9g-u3dv"},{"vulnerability":"VCID-j2r3-g95d-hued"},{"vulnerability":"VCID-k7dn-nb9d-ckdk"},{"vulnerability":"VCID-kke1-d8nw-tyhj"},{"vulnerability":"VCID-mmy3-eycu-q7bu"},{"vulnerability":"VCID-p1dw-dttz-x7ee"},{"vulnerability":"VCID-p3dp-ku5j-yke9"},{"vulnerability":"VCID-pac3-4jrs-pqdg"},{"vulnerability":"VCID-ph25-5qgg-zfer"},{"vulnerability":"VCID-qxsh-hm7q-5ban"},{"vulnerability":"VCID-rcmj-djgg-bqf7"},{"vulnerability":"VCID-tgj6-8vhq-23ae"},{"vulnerability":"VCID-tkws-gscx-pff6"},{"vulnerability":"VCID-twb2-9ane-tfdw"},{"vulnerability":"VCID-twyc-srx8-fudj"},{"vulnerability":"VCID-u5rg-89bb-wbfy"},{"vulnerability":"VCID-u9gz-jcnn-syby"},{"vulnerability":"VCID-vcth-rrmy-5qej"},{"vulnerability":"VCID-w2a5-j7ew-mbet"},{"vulnerability":"VCID-w71u-16bg-nke4"},{"vulnerability":"VCID-whty-vwsm-t7gt"},{"vulnerability":"VCID-xftu-6k5q-7ub6"},{"vulnerability":"VCID-xvs7-58y1-3ybj"},{"vulnerability":"VCID-y38f-84j9-fygf"},{"vulnerability":"VCID-zc53-8p5g-2kcv"},{"vulnerability":"VCID-zn2s-8c79-x7h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.88"}],"aliases":["CVE-2023-37940","GHSA-px38-239g-x5mg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkm4-bz55-9bb8"}],"fixing_vulnerabilities":[],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.0.0"}