Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
7.1 DXP (7.1.10), 7.2 DXP (7.2.10)
-
CVE-2021-33320
-
5.0
-
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
-
96
-
20
-
5
Description
The flags module in Liferay DXP 7.0, 7.1 and 7.2 does not limit the rate at which content can be flagged as inappropriate, which allows remote authenticated users to spam the site administrator with emails.