Количество 2
Количество 2
CVE-2022-42122
A SQL injection vulnerability in the Friendly Url module in Liferay Portal 7.3.7, and Liferay DXP 7.3 fix pack 2 through update 4 allows attackers to execute arbitrary SQL commands via a crafted payload injected into the `title` field of a friendly URL.
GHSA-hw56-7xj4-7gx6
Liferay Portal and Liferay DXP Vulnerable to SQL Injection via Friendly URL Module
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-42122 A SQL injection vulnerability in the Friendly Url module in Liferay Portal 7.3.7, and Liferay DXP 7.3 fix pack 2 through update 4 allows attackers to execute arbitrary SQL commands via a crafted payload injected into the `title` field of a friendly URL. | CVSS3: 9.8 | 1% Низкий | около 3 лет назад |
| GHSA-hw56-7xj4-7gx6 Liferay Portal and Liferay DXP Vulnerable to SQL Injection via Friendly URL Module | CVSS3: 9.8 | 1% Низкий | около 3 лет назад |
Уязвимостей на страницу