Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-54382

Insecure handling of authentication information in 6.2.2

    Details

      Description

      This ticket covers various issues in the way the portal handles authentication information in Liferay Portal 6.2 CE GA3 that are addressed by the CST patch, including:

      • Passwords are transmitted to the user unnecessarily
      • Browsers may save answers to reminder questions

        Attachments

          Activity

            People

            • Assignee:
              samuel.kong Samuel Kong
              Reporter:
              samuel.kong Samuel Kong
              Participants of an Issue:
              Recent user:
              Esther Sanz
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                5 years, 11 weeks, 6 days ago

                Packages

                Version Package