4 matches found
CVE-2008-0182
Cross-site request forgery CSRF vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message...
CVE-2008-0182
CVE-2008-0182 is a CSRF vulnerability in the Liferay Portal Admin portlet (pre-4.4.0). Remote authenticated users could cause actions as other authenticated users through the Shutdown message. Impact is partial integrity compromise; CVSS base score from NVD is 4.3 (Medium). The vulnerability is m...
CVE-2008-0182
Cross-site request forgery CSRF vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message...
Liferay Portal fails to protect against CSRF
Overview Liferay Portal fails to properly protect against Cross-Site Request Forgery CSRF. This may allow a remote attacker to be able to forge requests that Liferay Portal takes action upon. Description Liferay Portal is an enterprise portal solution that uses Java technologies. Liferay Portal...