Lucene search
MitreCVELIST:CVE-2021-33322HistoryAug 03, 2021 - 6:29 p.m.
CVE-2021-33322
2021-08-0318:29:17
mitre
www.cve.org
0.002 Low
EPSS
Percentile
54.8%
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their password, which allows remote attackers to change the userβs password via the old password reset token.
Related
cnvd
cnvd
Liferay Portal and Liferay DXP code issue vulnerability
2021-08-05 00:00:00
osv
osv
CVE-2021-33322
2021-08-03 19:15:08
nvd
nvd
CVE-2021-33322
2021-08-03 19:15:08
cve
cve
CVE-2021-33322
2021-08-03 19:15:08
prion
prion
Default credentials
2021-08-03 19:15:00