0.001 Low
EPSS
Percentile
48.1%
com.liferay.dynamic.data.mapping.service is vulnerable to information disclosure. The vulnerability exists as it does not remove authentication data in the response sent by the DDMDataProvider API.
github.com/community-security-team/liferay-portal/commit/064e6b01afa1e087e4c6bbaf7f71c97ee33f3ee9
issues.liferay.com/browse/LPE-17009
portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317396