Количество 2
Количество 2
CVE-2023-33949
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property `company.security.strangers.verify` should be set to true.
GHSA-g9mr-9xfc-4gf7
Insecure Default Initialization In Liferay Portal
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-33949 In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property `company.security.strangers.verify` should be set to true. | CVSS3: 5.3 | 0% Низкий | больше 2 лет назад |
| GHSA-g9mr-9xfc-4gf7 Insecure Default Initialization In Liferay Portal | CVSS3: 5.3 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу