A remote code execution vulnerability exists in Liferay Portal prior to 7.2.1 CE GA2 due to Deserialization of Untrusted Data. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands.
Binary data liferay_portal-cve-2020-7961.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
liferay | liferay_portal | cpe:/a:liferay:liferay_portal |