Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-9555

Unauthorized users may be able to retrieve username list and password hashed

    Details

    • Type: Bug
    • Status: Closed
    • Resolution: No Longer Reproducible
    • Affects Version/s: 5.1.2
    • Fix Version/s: 6.0.4 GA, 6.0.5 GA
    • Labels:
      None
    • Environment:
      We tested it on liferay 4.x and 5.x. It was not tested on Liferay 6.x
    • Branch Version/s:
      5.2.x, 5.1.x

      Description

      Since the vulnerability has an high impact, let us know the best way to handle the issue

        Attachments

          Activity

            People

            • Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                8 years, 40 weeks ago