CVE-2022-42128
CVE-2022-42128 affects Liferay Portal 7.4.1–7.4.3.4 and Liferay DXP 7.4 GA. The Hypermedia REST APIs module fails to properly enforce permissions, allowing remote attackers to obtain a WikiNode object through WikiNodeResource.getSiteWikiNodeByExternalReferenceCode. Impact is information disclosur...