Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
7.2 DXP (7.2.10)
-
None
-
CVE-2022-42124
-
2.6
-
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
-
19
Description
ReDoS vulnerability in LayoutPageTemplateEntryUpgradeProcess in Liferay DXP 7.2 fix pack 9 through fix pack 18 allows remote attackers to consume an excessive amount of server resources via a malicious layout prototype name.