2 matches found
CVE-2021-33335
Privilege escalation vulnerability in Liferay Portal 7.0.3 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9 allows remote authenticated users with permission to update/edit users to take over a company administrator user account by editing the company administrator...
CVE-2021-33335
CVE-2021-33335 affects Liferay Portal 7.0.3–7.3.4 and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9. A remote authenticated user with permission to update/edit users can takeover a company administrator account by editing the company administrator user. Root cause is privilege esc...