com.liferay:com.liferay.layout.taglib

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.liferay:com.liferay.layout.taglibpage 1 of 1

CVE-2025-43733MEDIUMCVSS 5.4EG 5.4✓ Fixed in 17.0.0
2025-08-18
vulnerable: 1.0.0 ... 9.1.2 (386 versions)
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This mali…
CVE-2025-43753MEDIUMCVSS 5.4EG 5.4✓ Fixed in 16.1.32
2025-08-21
vulnerable: 1.0.0 ... 9.1.2 (384 versions)
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 20…

Check whether com.liferay:com.liferay.layout.taglib is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.liferay:com.liferay.layout.taglib CVEs against the assets you own.

Start Free Scan →