An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows malicious users to enumerate usernames, site names, and pages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
liferay liferay portal |