3 matches found
PT-2022-26266 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.3 through 7.4.3.16 Liferay DXP versions 7.3 before update 4 Liferay DXP versions 7.4 before update 17 Description: A SQL injection issue in the Fragment module allows attackers to execute arbitrary SQL commands via...
CVE-2022-42120
A SQL injection vulnerability in the Fragment module in Liferay Portal 7.3.3 through 7.4.3.16, and Liferay DXP 7.3 before update 4, and 7.4 before update 17 allows attackers to execute arbitrary SQL commands via a PortletPreferences' namespace attribute...
Liferay Portal和Liferay DXP SQL注入漏洞
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...