Description
In Liferay Portal 7.1 CE GA4 and earlier, a potential SQL injection vulnerability exist in the asset framework.
Severity
Severity 1
Fixed Version(s)
- March 2020 source patch for Liferay Portal 7.1.3. Details for working with source patches can be found on the Patching Liferay Portal page.
- March 2020 source patch for Liferay Portal 7.0.6. Details for working with source patches can be found on the Patching Liferay Portal page.
- March 2020 source patch for Liferay Portal 6.2.5. Details for working with source patches can be found on the Patching Liferay Portal page.
Publication date: Tue, 25 Jun 2019 22:36:00 +0000