7 matches found
CVE-2023-3426
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations...
Liferay Portal 7.4.3.81 < 7.4.3.86 Information Disclosure
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported versio...
CVE-2023-3426
creationtimestamp| type| source ---|---|--- 2023-08-02 14:39:06+00:00| seen| https://t.me/cibsecurity/67572...
CVE-2023-3426
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations...
CVE-2023-3426
The CVE affects Liferay Portal 7.4.3.81–7.4.3.85 and Liferay DXP 7.4 update 81–85, where the organization selector fails to enforce permissions, allowing remote authenticated users to enumerate all organizations. The issue is confirmed across multiple feeds; remediation is to upgrade to a fixed v...
CVE-2023-3426
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations...
CVE-2023-3426
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations...