{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45410?format=json","vulnerability_id":"VCID-9epf-zkmr-67a6","summary":"Liferay Portal and Liferay DXP Vulnerable to CSRF via the Layout Module\nCross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter.","aliases":[{"alias":"CVE-2023-35030"},{"alias":"GHSA-p2fc-xxr8-fw3p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/656655?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u77","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u77"},{"url":"http://public2.vulnerablecode.io/api/packages/656573?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.78","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-rs2y-3c75-uycm"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-su57-hncy-5qg4"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-xv4h-g41b-c7c7"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.78"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65575?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u70","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u70"},{"url":"http://public2.vulnerablecode.io/api/packages/656651?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u71","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u71"},{"url":"http://public2.vulnerablecode.io/api/packages/656652?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u72","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u72"},{"url":"http://public2.vulnerablecode.io/api/packages/65580?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u73","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u73"},{"url":"http://public2.vulnerablecode.io/api/packages/656653?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u74","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u74"},{"url":"http://public2.vulnerablecode.io/api/packages/656654?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u75","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u75"},{"url":"http://public2.vulnerablecode.io/api/packages/65576?format=json","purl":"pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u76","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-42k1-vb9z-3qe7"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-9hvg-h2ra-nbcc"},{"vulnerability":"VCID-c3ym-wtv5-hfhr"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ezpm-x3vx-zfe6"},{"vulnerability":"VCID-tqvb-a46r-jbf8"},{"vulnerability":"VCID-xe2v-j69t-d3h3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u76"},{"url":"http://public2.vulnerablecode.io/api/packages/65570?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.70-ga70","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-t18w-rg4b-fqea"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.70-ga70"},{"url":"http://public2.vulnerablecode.io/api/packages/653425?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.71","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-uun9-ctyg-k3d9"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.71"},{"url":"http://public2.vulnerablecode.io/api/packages/653426?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.72","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-uun9-ctyg-k3d9"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.72"},{"url":"http://public2.vulnerablecode.io/api/packages/653427?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.73","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-uun9-ctyg-k3d9"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.73"},{"url":"http://public2.vulnerablecode.io/api/packages/653428?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.74","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-t18w-rg4b-fqea"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-uun9-ctyg-k3d9"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.74"},{"url":"http://public2.vulnerablecode.io/api/packages/83031?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.75","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-rs2y-3c75-uycm"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-su57-hncy-5qg4"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-uun9-ctyg-k3d9"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.75"},{"url":"http://public2.vulnerablecode.io/api/packages/69069?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.76","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-rs2y-3c75-uycm"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-su57-hncy-5qg4"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-uun9-ctyg-k3d9"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-xv4h-g41b-c7c7"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.76"},{"url":"http://public2.vulnerablecode.io/api/packages/65219?format=json","purl":"pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.77","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11qf-d5xp-4fey"},{"vulnerability":"VCID-1jgz-k7zp-uydp"},{"vulnerability":"VCID-1me4-suy5-ayhq"},{"vulnerability":"VCID-27a1-teqk-cbe2"},{"vulnerability":"VCID-292m-hgvs-93ey"},{"vulnerability":"VCID-2bcr-bxek-skfq"},{"vulnerability":"VCID-2dra-x6f5-xybz"},{"vulnerability":"VCID-2mtb-mdha-qufv"},{"vulnerability":"VCID-3hm3-htje-akgd"},{"vulnerability":"VCID-434b-p73k-5fam"},{"vulnerability":"VCID-4kym-jhtn-cfa3"},{"vulnerability":"VCID-4xqq-69ab-1qew"},{"vulnerability":"VCID-5732-ffyz-9fh5"},{"vulnerability":"VCID-5bex-xcub-3qhr"},{"vulnerability":"VCID-5nq8-gsav-5ffq"},{"vulnerability":"VCID-68yp-31d3-zbay"},{"vulnerability":"VCID-6yrk-8tj5-juhp"},{"vulnerability":"VCID-8xx2-vtnr-dubu"},{"vulnerability":"VCID-9epf-zkmr-67a6"},{"vulnerability":"VCID-b24q-c9nx-hkdy"},{"vulnerability":"VCID-brjh-tyur-ebc8"},{"vulnerability":"VCID-by7b-2zr9-y3dj"},{"vulnerability":"VCID-ca62-h2qv-v7bg"},{"vulnerability":"VCID-ce9p-rwsz-zkf6"},{"vulnerability":"VCID-d56y-s4zt-uyd7"},{"vulnerability":"VCID-e5h2-wvws-3yhq"},{"vulnerability":"VCID-ebzh-bpks-5qe2"},{"vulnerability":"VCID-ej5y-geq1-pkfn"},{"vulnerability":"VCID-evap-nt9g-akf6"},{"vulnerability":"VCID-g41m-xvk2-xfda"},{"vulnerability":"VCID-ggmh-6ef8-7ufj"},{"vulnerability":"VCID-gyge-7d5c-6uhz"},{"vulnerability":"VCID-hvpx-y297-sbha"},{"vulnerability":"VCID-j3pc-gwg6-qfbs"},{"vulnerability":"VCID-ksvn-b6hv-hfa7"},{"vulnerability":"VCID-mbd8-z3ry-cqap"},{"vulnerability":"VCID-mf9a-eusx-f3gb"},{"vulnerability":"VCID-nhp5-61h7-ryf4"},{"vulnerability":"VCID-pf71-p73a-xyda"},{"vulnerability":"VCID-qy5u-7m7g-4ben"},{"vulnerability":"VCID-r363-kggk-k3ds"},{"vulnerability":"VCID-rns1-e6pd-tkex"},{"vulnerability":"VCID-rs2y-3c75-uycm"},{"vulnerability":"VCID-s86p-ew9a-rkgt"},{"vulnerability":"VCID-su57-hncy-5qg4"},{"vulnerability":"VCID-sw28-urg9-tqgd"},{"vulnerability":"VCID-tf5n-etq9-2bg1"},{"vulnerability":"VCID-turp-jxv8-1fgy"},{"vulnerability":"VCID-w7z4-h1ug-z3cq"},{"vulnerability":"VCID-wpqk-8fd9-p3ex"},{"vulnerability":"VCID-xn1n-5rgc-83bg"},{"vulnerability":"VCID-xv4h-g41b-c7c7"},{"vulnerability":"VCID-y1wd-arvg-2ugt"},{"vulnerability":"VCID-ynk1-3fye-bfcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.77"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-35030","reference_id":"","reference_type":"","scores":[{"value":"0.01433","scoring_system":"epss","scoring_elements":"0.81045","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01433","scoring_system":"epss","scoring_elements":"0.81044","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01433","scoring_system":"epss","scoring_elements":"0.81048","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-35030"},{"reference_url":"https://github.com/liferay/liferay-portal","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liferay/liferay-portal"},{"reference_url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030","reference_id":"CVE-2023-35030","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:48:29Z/"}],"url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-35030","reference_id":"CVE-2023-35030","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-35030"},{"reference_url":"https://github.com/advisories/GHSA-p2fc-xxr8-fw3p","reference_id":"GHSA-p2fc-xxr8-fw3p","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p2fc-xxr8-fw3p"}],"weaknesses":[{"cwe_id":352,"name":"Cross-Site Request Forgery (CSRF)","description":"The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9epf-zkmr-67a6"}