Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2019-11444
HistoryApr 22, 2019 - 4:00 a.m.

CVE-2019-11444

2019-04-2204:00:36
mitre
www.cve.org

7.1 High

AI Score

Confidence

High

0.045 Low

EPSS

Percentile

92.5%

JSON

An issue was discovered in Liferay Portal CE 7.1.2 GA3. An attacker can use Liferay’s Groovy script console to execute OS commands. Commands can be executed via a [command].execute() call, as demonstrated by β€œdef cmd =” in the ServerAdminPortlet_script value to group/control_panel/manage. Valid credentials for an application administrator user account are required. NOTE: The developer disputes this as a vulnerability since it is a feature for administrators to run groovy scripts and therefore not a design flaw

Related

prion 1
cve 1
nvd 1
prion
prion
Input validation
2019-04-22 11:29:00
cve
cve
CVE-2019-11444
2019-04-22 11:29:05
nvd
nvd
CVE-2019-11444
2019-04-22 11:29:05

7.1 High

AI Score

Confidence

High

0.045 Low

EPSS

Percentile

92.5%

JSON
Related for CVELIST:CVE-2019-11444
prion1cve1nvd1