3 matches found
CVE-2024-25150
Information disclosure vulnerability in the Control Panel in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions allows remote authenticated users to obtain a user's full name from the page...
CVE-2024-25150
Information Disclosure in Liferay Portal/DXP: CVE-2024-25150 affects Liferay Portal 7.2.0–7.4.2 (and related DXP/vintage releases) where remote authenticated users can enumerate user screen names and obtain a user’s full name from the page title. Root cause relates to enumeration via the Control ...
CVE-2024-25150
Information disclosure vulnerability in the Control Panel in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions allows remote authenticated users to obtain a user's full name from the page...