CST-7132 Unauthorized users can view web content articles via display pages

Description

In Liferay 7.1.0 through 7.1.3, unauthorized users can view web content articles via URL manipulation if the article is configured to be viewed in the context of a display page.

 

Severity

Severity 2

Fixed Version(s)

Publication date: Tue, 25 Jun 2019 22:36:00 +0000

Security advisories for Liferay's enterprise offerings (e.g., Liferay DXP) are only listed here since 2023. Historial advisories are availabe in the Help Center.