Количество 2
Количество 2
CVE-2025-43814
In Liferay Portal 7.4.0 through 7.4.3.112, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions the audit events records a user’s password reminder answer, which allows remote authenticated users to obtain a user’s password reminder answer via the audit events.
GHSA-ph63-chvv-8x46
Liferay Portal and DXP audit events record password reminder answers
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43814 In Liferay Portal 7.4.0 through 7.4.3.112, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions the audit events records a user’s password reminder answer, which allows remote authenticated users to obtain a user’s password reminder answer via the audit events. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
| GHSA-ph63-chvv-8x46 Liferay Portal and DXP audit events record password reminder answers | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу