Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:52 p.m.6 views

CVE-2022-42130

The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 19, 7.3 before update 4, and 7.4 GA does not properly check permission of form entries, which allows remote authenticated users to view and access all form entries...

4.3CVSS6.5AI score0.0073EPSS
Exploits0References1
OSV
OSV
added 2022/11/15 2:15 a.m.5 views

CVE-2022-42130

The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 19, 7.3 before update 4, and 7.4 GA does not properly check permission of form entries, which allows remote authenticated users to view and access all form entries...

4.3CVSS5.8AI score0.0073EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/11/15 12:0 a.m.24 views

CVE-2022-42130

The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 19, 7.3 before update 4, and 7.4 GA does not properly check permission of form entries, which allows remote authenticated users to view and access all form entries...

4.7AI score0.0073EPSS
Exploits0References2
CVE
CVE
added 2022/11/15 12:0 a.m.79 views

CVE-2022-42130

The Dynamic Data Mapping module in Liferay Portal 7.1.0–7.4.3.4 and Liferay DXP 7.1–7.4 exposed an information-disclosure vulnerability where form entries could be viewed/accessed without proper permission checks. Root cause: inadequate permission validation for form entries in the DDM, enabling ...

4.3CVSS4.3AI score0.0073EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder