Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-54386

XML external entity (XXE) processing vulnerability in 6.2.2

Details

    Description

      The portal is vulnerable to XML external entity (XXE) processing in 6.2.2. This can lead to disclosure of confidential data or a denial-of-service (DoS) attack.

      Attachments

        Activity

          People

            samuel.kong Samuel Kong
            samuel.kong Samuel Kong
            Kiyoshi Lee Kiyoshi Lee
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              7 years, 29 weeks, 4 days ago

              Packages

                Version Package
                6.0.X EE
                6.1.X EE
                7.0.0 M2