4 matches found
CVE-2022-38512
creationtimestamp| type| source ---|---|--- 2022-09-22 07:11:56+00:00| seen| https://t.me/cibsecurity/50258...
CVE-2022-38512
The Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, and Liferay DXP 7.4 update 8 through 36 does not check permissions before allowing a user to export a web content for translation, allowing attackers to download a web content page's XLIFF translation file via crafted URL...
CVE-2022-38512
The Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, and Liferay DXP 7.4 update 8 through 36 does not check permissions before allowing a user to export a web content for translation, allowing attackers to download a web content page's XLIFF translation file via crafted URL...
CVE-2022-38512
The CVE-2022-38512 issue affects Liferay Portal v7.4.3.12–v7.4.3.36 and Liferay DXP 7.4 update 8–36, where the Translation module does not verify permissions when exporting a web content for translation. The underlying flaw allows an attacker to download a web content page’s XLIFF translation fil...