liferay is vulnerable to cross-site request forgery. The vulnerability exists due to the lack of validation in the csrf token in the process
function of EditPageHandler.java
, allowing an attacker to guess the csrf token value.
CPE | Name | Operator | Version |
---|---|---|---|
togglz - admin console | le | 2.9.3 | |
togglz - admin console | le | 2.9.3 |