Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2022-42121

A SQL injection vulnerability in the Layout module in Liferay Portal 7.1.3 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before service pack 3, and 7.4 GA allows remote authenticated attackers to execute arbitrary SQL commands via a crafted payload injected into a page template's 'Name' field.

  • Published: Nov 15, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-42121
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.8
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

Software From Fixed in
liferay / liferay_portal 7.1.3 7.4.3.4.x
liferay / dxp 7.3 7.3.x
liferay / dxp 7.3-sp1 7.3-sp1.x
liferay / dxp 7.3-sp2 7.3-sp2.x
liferay / dxp 7.4-ga1 7.4-ga1.x
liferay / liferay_portal 7.1.0 7.4.2.x
liferay / digital_experience_platform 7.2 7.2.x
liferay / digital_experience_platform 7.2-fix_pack_1 7.2-fix_pack_1.x
liferay / digital_experience_platform 7.2-fix_pack_2 7.2-fix_pack_2.x
liferay / digital_experience_platform 7.2-fix_pack_3 7.2-fix_pack_3.x
liferay / digital_experience_platform 7.2-fix_pack_5 7.2-fix_pack_5.x
liferay / digital_experience_platform 7.2-fix_pack_4 7.2-fix_pack_4.x
liferay / digital_experience_platform 7.1-fix_pack_17 7.1-fix_pack_17.x
liferay / digital_experience_platform 7.1 7.1.x
liferay / digital_experience_platform 7.1-fix_pack_4 7.1-fix_pack_4.x
liferay / digital_experience_platform 7.1-fix_pack_16 7.1-fix_pack_16.x
liferay / digital_experience_platform 7.1-fix_pack_15 7.1-fix_pack_15.x
liferay / digital_experience_platform 7.1-fix_pack_14 7.1-fix_pack_14.x
liferay / digital_experience_platform 7.1-fix_pack_13 7.1-fix_pack_13.x
liferay / digital_experience_platform 7.1-fix_pack_12 7.1-fix_pack_12.x
liferay / digital_experience_platform 7.1-fix_pack_11 7.1-fix_pack_11.x
liferay / digital_experience_platform 7.1-fix_pack_10 7.1-fix_pack_10.x
liferay / digital_experience_platform 7.1-fix_pack_9 7.1-fix_pack_9.x
liferay / digital_experience_platform 7.1-fix_pack_6 7.1-fix_pack_6.x
liferay / digital_experience_platform 7.2-fix_pack_7 7.2-fix_pack_7.x
liferay / digital_experience_platform 7.2-fix_pack_8 7.2-fix_pack_8.x
liferay / digital_experience_platform 7.2-fix_pack_9 7.2-fix_pack_9.x
liferay / digital_experience_platform 7.1-fix_pack_18 7.1-fix_pack_18.x
liferay / digital_experience_platform 7.1-fix_pack_19 7.1-fix_pack_19.x
liferay / digital_experience_platform 7.1-fix_pack_20 7.1-fix_pack_20.x
liferay / digital_experience_platform 7.2-fix_pack_10 7.2-fix_pack_10.x
liferay / digital_experience_platform 7.2-fix_pack_11 7.2-fix_pack_11.x
liferay / digital_experience_platform 7.1-fix_pack_21 7.1-fix_pack_21.x
liferay / digital_experience_platform 7.1-fix_pack_22 7.1-fix_pack_22.x
liferay / digital_experience_platform 7.1-fix_pack_23 7.1-fix_pack_23.x
liferay / digital_experience_platform 7.2-fix_pack_14 7.2-fix_pack_14.x
liferay / digital_experience_platform 7.2-fix_pack_12 7.2-fix_pack_12.x
liferay / digital_experience_platform 7.2-fix_pack_13 7.2-fix_pack_13.x
liferay / digital_experience_platform 7.2-fix_pack_15 7.2-fix_pack_15.x
liferay / digital_experience_platform 7.2-fix_pack_6 7.2-fix_pack_6.x
liferay / digital_experience_platform 7.1-fix_pack_5 7.1-fix_pack_5.x
liferay / digital_experience_platform 7.1-fix_pack_3 7.1-fix_pack_3.x
liferay / digital_experience_platform 7.1-fix_pack_2 7.1-fix_pack_2.x
liferay / digital_experience_platform 7.1-fix_pack_1 7.1-fix_pack_1.x
liferay / digital_experience_platform 7.1-fix_pack_8 7.1-fix_pack_8.x
liferay / digital_experience_platform 7.1-fix_pack_7 7.1-fix_pack_7.x
liferay / digital_experience_platform 7.1-fix_pack_24 7.1-fix_pack_24.x
liferay / digital_experience_platform 7.1-fix_pack_25 7.1-fix_pack_25.x