Количество 2
Количество 2
CVE-2025-43784
Improper Access Control vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.8, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows guest users to obtain object entries information via the API Builder.
GHSA-fvp7-jj9m-3qpf
Liferay Portal's Incorrect Authorization vulnerability can lead to guest users to obtaining sensitive data
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43784 Improper Access Control vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.8, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows guest users to obtain object entries information via the API Builder. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
| GHSA-fvp7-jj9m-3qpf Liferay Portal's Incorrect Authorization vulnerability can lead to guest users to obtaining sensitive data | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу