Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
7.1 DXP (7.1.10), 7.2 DXP (7.2.10)
-
3
-
CVE-2021-33323
-
4.3
-
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
-
19
-
7
Description
Forms in Liferay DXP 7.1 and 7.2 autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user.