Privilege escalation vulnerability in Liferay Portal 7.0.3 up to and including 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9 allows remote authenticated users with permission to update/edit users to take over a company administrator user account by editing the company administrator user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
liferay dxp 7.2 |
||
liferay dxp 7.1 |
||
liferay liferay portal |