[LPS-57597] Path traversal vulnerability with plugins - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Duplicate
Affects Version/s: 6.2.3 CE GA4
Fix Version/s: 6.0.X EE, 6.1.X EE, 6.2.X EE, 7.0.0 M6
Component/s: Security Vulnerability
Labels:

Description

A path traversal vulnerability has been discovered in the portal. By manipulating the URL, a user can view any file in a deployed plugin.

Attachments

Activity

People

Assignee:: Samuel Kong

Reporter:: Samuel Kong

Participants of an Issue:: Samuel Kong

Recent user:: Rafaela Nascimento

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 31/Jul/15 7:08 PM

Updated:: 27/Dec/22 11:01 AM

Resolved:: 26/Aug/15 2:45 AM

Days since last comment:: 7 years, 45 weeks, 5 days ago

Packages

Version	Package
6.0.X EE
6.1.X EE
6.2.X EE
7.0.0 M6