Количество 2
Количество 2
CVE-2021-29053
Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated users to execute arbitrary SQL commands via the classPKField parameter to (1) CommerceChannelRelFinder.countByC_C, or (2) CommerceChannelRelFinder.findByC_C.
GHSA-f9wj-c5pc-g9rh
Liferay Portal and Liferay DXP Vulnerable to Multiple SQL Injections
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-29053 Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated users to execute arbitrary SQL commands via the classPKField parameter to (1) CommerceChannelRelFinder.countByC_C, or (2) CommerceChannelRelFinder.findByC_C. | CVSS3: 8.8 | 0% Низкий | больше 4 лет назад |
| GHSA-f9wj-c5pc-g9rh Liferay Portal and Liferay DXP Vulnerable to Multiple SQL Injections | CVSS3: 8.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу