Liferay Portal@7.1.2 Security Vulnerabilities and Issues — Liferay Portal@7.1.2 CVE List

Lucene search

LiferayLiferay Portal7.1.2

2 matches found

CVE•added 2019/10/04 2:15 p.m.•227 views

CVE-2019-16891

Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.

9.8CVSS9.4AI score0.83825EPSS

CVE•added 2019/04/22 11:29 a.m.•81 views

CVE-2019-11444

An issue was discovered in Liferay Portal CE 7.1.2 GA3. An attacker can use Liferay's Groovy script console to execute OS commands. Commands can be executed via a [command].execute() call, as demonstrated by "def cmd =" in the ServerAdminPortlet_script value to group/control_panel/manage. Valid cre...

9CVSS7AI score0.45816EPSS