Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-54386

XML external entity (XXE) processing vulnerability in 6.2.2

    Details

      Description

      The portal is vulnerable to XML external entity (XXE) processing in 6.2.2. This can lead to disclosure of confidential data or a denial-of-service (DoS) attack.

        Attachments

          Activity

            People

            Assignee:
            samuel.kong Samuel Kong
            Reporter:
            samuel.kong Samuel Kong
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              5 years, 45 weeks, 5 days ago

                Packages

                Version Package
                6.0.X EE
                6.1.X EE
                7.0.0 M2