Описание
In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- ExploitThird Party Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:liferay:liferay_portal:7.1:ga1:*:*:community:*:*:*
cpe:2.3:a:liferay:liferay_portal:7.1:ga2:*:*:community:*:*:*
cpe:2.3:a:liferay:liferay_portal:7.1:ga3:*:*:community:*:*:*
cpe:2.3:a:liferay:liferay_portal:7.1.1:ga2:*:*:community:*:*:*
cpe:2.3:a:liferay:liferay_portal:7.2:ga1:*:*:community:*:*:*
cpe:2.3:a:liferay:liferay_portal:7.3:ga1:*:*:community:*:*:*
cpe:2.3:a:liferay:liferay_portal:7.3:ga2:*:*:community:*:*:*
EPSS
Процентиль: 88%
0.0371
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Liferay Portal and Liferay DXP Vulnerable to Arbitrary Code Execution
EPSS
Процентиль: 88%
0.0371
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74