Количество 2
Количество 2
CVE-2025-62261
Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 34, and older unsupported versions stores password reset tokens in plain text, which allows attackers with access to the database to obtain the token, reset a user’s password and take over the user’s account.
GHSA-xcj6-xpjg-c4xr
Liferay Portal Stores Password Reset Tokens in Plain Text
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-62261 Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 34, and older unsupported versions stores password reset tokens in plain text, which allows attackers with access to the database to obtain the token, reset a user’s password and take over the user’s account. | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
| GHSA-xcj6-xpjg-c4xr Liferay Portal Stores Password Reset Tokens in Plain Text | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу