Lucene search
+L

4 matches found

NVD
NVD
added 2024/02/20 1:15 p.m.30 views

CVE-2024-26265

The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions relies on a request parameter to limit the size of files that can be uploaded, whic...

6.5CVSS4.9AI score0.00707EPSS
Exploits0References1
OSV
OSV
added 2024/02/20 1:15 p.m.11 views

CVE-2024-26265

The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions relies on a request parameter to limit the size of files that can be uploaded, whic...

6.5CVSS6.3AI score0.00707EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/20 12:51 p.m.30 views

CVE-2024-26265

The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions relies on a request parameter to limit the size of files that can be uploaded, whic...

5CVSS5.2AI score0.00707EPSS
Exploits0References1
CVE
CVE
added 2024/02/20 12:51 p.m.85 views

CVE-2024-26265

CVE-2024-26265 affects the Image Uploader module in Liferay Portal (7.2.0–7.4.3.15 and older unsupported) and Liferay DXP (7.4 pre-update 16, 7.3 pre-update 4, 7.2 pre-fix pack 19). The root cause is reliance on a request parameter to cap upload size; remote authenticated users can modify the max...

6.5CVSS4.9AI score0.00707EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder