3 matches found
Liferay Portal 6.1 - 6.0.x Privilege Escalation
No description provided by source. Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user c...
Liferay 5.x / 6.x Cross Site Scripting
Multiple xss issues in Liferay Description: Liferay Portal is an enterprise portal written in Java Multiple xss vulnerabilities where found in liferay. Because liferay has a "remember me" option in their login screen that stores an encrypted password in a cookie this is more problematic than it...
Liferay Portal Privilege Escalation
Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user can assign hem or her self to any...