Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-54386

XML external entity (XXE) processing vulnerability in 6.2.2

    Details

      Description

      The portal is vulnerable to XML external entity (XXE) processing in 6.2.2. This can lead to disclosure of confidential data or a denial-of-service (DoS) attack.

        Attachments

          Activity

            People

            • Assignee:
              samuel.kong Samuel Kong
              Reporter:
              samuel.kong Samuel Kong
              Participants of an Issue:
              Recent user:
              Esther Sanz
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                4 years, 36 weeks, 1 day ago

                Packages

                Version Package
                6.0.X EE
                6.1.X EE
                7.0.0 M2