Details

    • 3
    • 5.0
    • CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
    • 85
    • 13

    Description

      Liferay DXP 7.1 and DXP 7.0 is vulnerable to server side request forgery (SSRF) via XSLT as used in Web Content templates and the XSL Content widget.

      Attachments

        Activity

          People

            support-ee EE Support
            tibor.lipusz Tibor Lipusz
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Packages

                Version Package
                7.0.X EE
                7.1.x EE