3 matches found
CVE-2023-33949
creationtimestamp| type| source ---|---|--- 2023-05-24 20:27:25+00:00| seen| https://t.me/cibsecurity/64701...
CVE-2023-33949
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property...
CVE-2023-33949
CVE-2023-33949 affects Liferay Portal 7.3.0 and earlier and Liferay DXP 7.2 and earlier. The issue stems from a default configuration that does not require email verification for new accounts, enabling remote attackers to create accounts with fake or unowned email addresses. The documented mitiga...