Lucene search

GoogleOSV:CVE-2024-25148

HistoryFeb 08, 2024 - 4:15 a.m.

CVE-2024-25148

2024-02-0804:15:08

Google

osv.dev

cve-2024-25148

information leak

wysiwyg editor

remote authentication

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

19.5%

JSON

In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the doAsUserId URL parameter may get leaked when creating linked content using the WYSIWYG editor and while impersonating a user. This may allow remote authenticated users to impersonate a user after accessing the linked content.

CPENameOperatorVersion
liferay-portaleq7.2.0-a1
liferay-portaleqsync-3.0.7-b8
liferay-portaleq6.1.0-b3
liferay-portaleq7.0.0-m4
liferay-portaleq6.1.0-rc1
liferay-portaleq6.2.0-m2
liferay-portaleq7.0.0-m3
liferay-portaleqsync-3.0.4-b5
liferay-portaleq6.1.0-b2
liferay-portaleq6.2.0-m5

Name	Operator	Version
liferay-portal	eq	7.2.0-a1
liferay-portal	eq	sync-3.0.7-b8
liferay-portal	eq	6.1.0-b3
liferay-portal	eq	7.0.0-m4
liferay-portal	eq	6.1.0-rc1
liferay-portal	eq	6.2.0-m2
liferay-portal	eq	7.0.0-m3
liferay-portal	eq	sync-3.0.4-b5
liferay-portal	eq	6.1.0-b2
liferay-portal	eq	6.2.0-m5

Rows per page:

1-10 of 471

References

liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25148

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

19.5%

JSON

Related for OSV:CVE-2024-25148