portal-impl is vulnerable to remote code execution (RCE). The vulnerability exists as the velocity and freemarker templates were not properly restricting loading of remote classes.
dev.liferay.com/web/community-security-team/known-vulnerabilities
dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates
github.com/community-security-team/liferay-portal/commit/76aaec0256e98bce0c0542ab071d4cf5132e10ca
github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91
issues.liferay.com/browse/LPE-14964
issues.liferay.com/browse/LPS-64547
issues.liferay.com/browse/LPS-7087
portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/113764289?_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW_redirect=https%3A%2F%2Fportal.liferay.dev%3A443%2Flearn%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW_cur%3D0%26p_r_p_resetCur%3Dtrue%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW_assetEntryId%3D113764289