CST-7202 Multiple permission vulnerabilities in 7.2 CE GA1

Description

Multiple permission issue exists in Liferay Portal 7.2 CE GA1 which allows users to perform actions on resources which they are not authorized to perform.

Severity

Severity 2

Fixed Version(s)

Acknowledgments

Some vulnerabilities reported by Jakub Vavera

Publication date: Mon, 25 Nov 2019 08:45:00 +0000

Security advisories for Liferay's enterprise offerings (e.g., Liferay DXP) are only listed here since 2023. Historial advisories are availabe in the Help Center.