PT-2022-26271 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.5 through 7.4.3.35 Liferay DXP 7.4 update 1 through update 34 Description: The issue allows attackers to create or overwrite existing files on the filesystem via the deployment of a malicious plugin/module. This ...

If a MIMOProxy owner destroys their proxy, they cannot deploy another from the same address

Lines of code Vulnerability details When deploying a new MIMOProxy, the MIMOProxyRegistry first checks whether a proxy exists with the same owner for the given address. If an existing proxy is found, the deployment reverts: MIMOProxyRegistrydeployFor function deployForaddress owner public overrid...