Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...

The vulnerability of the OAUTH2 protocol implementation in the command-line tool cURL allows a perpetrator to bypass the authentication process and gain unauthorized access to protected information.

The vulnerability of the OAUTH2 protocol implementation in the command-line tool cURL relates to the repeated use of the same connection with the same credentials. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain unauthorized access to protected...