Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-11143 Add authtoken to the SessionClickAction call and enable checking for it
  3. LPE-11144

6210 SessionClickAction - easy phishing attack + could be used to retrieve plain text content (even offensive or obscene) as it would be hosted on the site

    Details

    • Type: Fix Pack Patch
    • Status: Closed
    • Priority: Major
    • Resolution: Incomplete
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Attachments

        Activity

          People

          Assignee:
          zsolt.balogh Zsolt Balogh
          Reporter:
          gabor.kovacs Gabor Kovacs
          Votes:
          0 Vote for this issue
          Watchers:
          1 Start watching this issue

            Dates

            Created:
            Updated:
            Resolved:

              Packages

              Version Package