Liferay Portal License Manager Detected

The target Liferay portal instance exposes information about the license state and the server. An unauthenticated attacked could leverage these information, such as server internal IP addresse and hostname, liferay version and license owner to conduct further attacks. No source data...

EUVD-2024-0509

Malicious code in bioql PyPI...

CVE-2024-26138

The XWiki licensor application, which manages and enforce application licenses for paid extensions, includes the document Licenses.Code.LicenseJSON that provides information for admins regarding active licenses. This document is public and thus exposes this information publicly. The information...

XWiki licensor application security vulnerability

XWiki licensor application is an extension for XWiki. A security vulnerability exists in XWiki licensor application. An attacker could use this vulnerability to obtain sensitive information, including the instance ID and the name and email of the license owner...

PT-2024-21295 · Xwiki · Xwiki Application Licensing

Name of the Vulnerable Software and Affected Versions: XWiki Application Licensing versions prior to 1.24.2 Description: The XWiki licensor application includes a public document Licenses.Code.LicenseJSON that exposes sensitive information, including the instance's id, first and last name, and...