Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:45 a.m.6 views

CVE-2024-25148

In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the doAsUserId URL parameter may get leaked when creating linked content using the WYSIWYG editor and while impersonating a user...

8.1CVSS6.5AI score0.00548EPSS
Exploits0References1
Circl
Circl
added 2024/02/08 5:31 a.m.7 views

CVE-2024-25148

creationtimestamp| type| source ---|---|--- 2024-02-08 05:31:40+00:00| seen| https://t.me/ctinow/181163 2024-03-02 07:36:44+00:00| seen| https://t.me/ctinow/198253...

8.1CVSS7.2AI score0.00548EPSS
Exploits0References2
NVD
NVD
added 2024/02/08 4:15 a.m.35 views

CVE-2024-25148

In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the doAsUserId URL parameter may get leaked when creating linked content using the WYSIWYG editor and while impersonating a user...

8.1CVSS6AI score0.00548EPSS
Exploits0References1
OSV
OSV
added 2024/02/08 4:15 a.m.29 views

CVE-2024-25148

In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the doAsUserId URL parameter may get leaked when creating linked content using the WYSIWYG editor and while impersonating a user...

8.1CVSS6.5AI score0.00548EPSS
Exploits0References1
CVE
CVE
added 2024/02/08 3:43 a.m.68 views

CVE-2024-25148

CVE-2024-25148 affects Liferay Portal versions 7.2.0–7.4.1 and certain Liferay DXP/older unsupported releases. The vulnerability stems from leakage of the doAsUserId URL parameter when creating linked content with the WYSIWYG editor and while impersonating a user, enabling remote authenticated us...

8.1CVSS7.6AI score0.00548EPSS
Exploits0References1Affected Software3
Rows per page
Query Builder