LSV-1103: User permissions are not checked for DepotGroupItemSelectorProvider

Affects versions

None

Fix versions

None

7.0 Fix Pack Version

None

7.1 Fix Pack Version

None

7.2 Fix Pack Version

None

7.3 Fix Pack Version

7.4 Fix Pack Version

CVE IDs

CVE-2022-42126

CVSS Base Score

4.3

CVSS Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Labels

7.3.10-u8

Description

The Asset Libraries module in Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI.

Activity

Show:

Fixed

Pinned fields

Click on the next to a field label to start pinning.

Details
Assignee
EE Support
Reporter
Enterprise Release HU
Priority
Low

Zendesk Support

Created June 28, 2022 at 5:31 AM

Updated October 18, 2022 at 11:18 PM

Resolved October 18, 2022 at 11:18 PM

Configure

LSV-1103: User permissions are not checked for DepotGroupItemSelectorProvider

Affects versions

Fix versions

7.0 Fix Pack Version

7.1 Fix Pack Version

7.2 Fix Pack Version

7.3 Fix Pack Version

7.4 Fix Pack Version

CVE IDs

CVSS Base Score

CVSS Vector String

Labels

Description

Activity

DetailsAssigneeEE SupportEE SupportReporterEnterprise Release HUEnterprise Release HUPriorityLow

Details

Assignee

Reporter

Priority

Zendesk SupportLinked Tickets

Zendesk Support

Details
Assignee
EE Support
Reporter
Enterprise Release HU
Priority
Low

Zendesk Support