Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-54382

Insecure handling of authentication information in 6.2.2

    Details

      Description

      This ticket covers various issues in the way the portal handles authentication information in Liferay Portal 6.2 CE GA3 that are addressed by the CST patch, including:

      • Passwords are transmitted to the user unnecessarily
      • Browsers may save answers to reminder questions

        Attachments

          Activity

            People

            Assignee:
            samuel.kong Samuel Kong
            Reporter:
            samuel.kong Samuel Kong
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              5 years, 44 weeks, 1 day ago

                Packages

                Version Package