Insecure Direct Object Reference (IDOR)
com.liferay:com.liferay.roles.selector.web is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to improper access control in the groupId parameter of the comliferayrolesselectorwebportletRolesSelectorPortletgroupId, which allows an attacker with organization...