Количество 2
Количество 2
CVE-2023-47798
Account lockout in Liferay Portal 7.2.0 through 7.3.0, and older unsupported versions, and Liferay DXP 7.2 before fix pack 5, and older unsupported versions does not invalidate existing user sessions, which allows remote authenticated users to remain authenticated after an account has been locked.
GHSA-2mx7-xvfg-fg53
Liferay Portal's account lockout does not invalidate existing user sessions
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-47798 Account lockout in Liferay Portal 7.2.0 through 7.3.0, and older unsupported versions, and Liferay DXP 7.2 before fix pack 5, and older unsupported versions does not invalidate existing user sessions, which allows remote authenticated users to remain authenticated after an account has been locked. | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
| GHSA-2mx7-xvfg-fg53 Liferay Portal's account lockout does not invalidate existing user sessions | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу