14 matches found
CVE-2022-42126
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
Adobe Creative Cloud Desktop 安全漏洞
Adobe Creative Cloud Desktop is a suite of applications for managing applications and services in the Creative Cloud Member Management Center from the American company Audobee Adobe. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...
EUVD-2022-7248
Malicious code in bioql PyPI...
BIT-LIFERAY-2022-42126
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
Adobe Creative Cloud Desktop Application Code Execution Vulnerability
Adobe Creative Cloud Desktop Application is a suite of applications for managing applications and services in the Creative Cloud Membership Management Center from Adobe USA. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...
GHSA-642H-MX8Q-47P2 Missing permissions check in Liferay Portal
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
Missing permissions check in Liferay Portal
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
CVE-2022-42126
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
CVE-2022-42126
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
Code injection
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
PT-2022-26272 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.5 through 7.4.3.28 Liferay DXP 7.3 before update 8 Liferay DXP 7.4 before update 29 Description: The Asset Libraries module does not properly check permissions of asset libraries, allowing remote authenticated user...
CVE-2022-42126
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
CVE-2022-42126
The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI...
CVE-2022-42126
The CVE-2022-42126 entry affects the Asset Libraries module in Liferay Portal 7.3.5–7.4.3.28 and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29. Root cause: improper permission checks allow remote authenticated users to view asset libraries via the UI. Practical impact is exposure ...