PT-2024-21033 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.2.0 through 7.4.3.4 Liferay DXP versions 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17 Description: The issue allows remote authenticated users with the VIEW user permission to edit their own permission v...

IDOR Vulnerability Allow the owner of one Organization can edit, delete and resetpassword users that belong to other organization

1 first, we create two organizations: org1 and org2. The owner of them is user1 and user2 corresponding. 2 we login as user1 and reset itsself password. 3 using the burpsuit to hack hijack the post. 4 The post and can be like: PUT...

Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne

English: Multiple vulnerabilities in Basware Banking/Maksuliikenne software that were reported already 08/2012 may still enable undetectable economic crimes against user organizations companies Finnish: Basware Banking/Maksuliikenne -ohjelmiston haavoittuvuudet, joista raportoitiin jo 08/2012,...