Details

      Description

      The portal may potentially be vulnerable to Rosetta Flash. Rosetta Flash is a JSONP attack that can bypass CSRF's same origin policy. Liferay Portal 6.2 is not vulnerable to this attack out of the box. However, this vulnerability may be exploitable with a customized authentication system.

        Attachments

          Activity

            People

            • Assignee:
              samuel.kong Samuel Kong
              Reporter:
              samuel.kong Samuel Kong
              Participants of an Issue:
              Recent user:
              Esther Sanz
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                3 years, 30 weeks, 6 days ago

                Packages

                Version Package