Lucene search
PRIOn knowledge basePRION:CVE-2022-42128HistoryNov 15, 2022 - 1:15 a.m.
Design/Logic Flaw
2022-11-1501:15:00
PRIOn knowledge base
www.prio-n.com
2
hypermedia
rest apis
liferay portal 7.4
remote attackers
wikinode object
vulnerability
The Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which allows remote attackers to obtain a WikiNode object via the WikiNodeResource.getSiteWikiNodeByExternalReferenceCode API.
| CPE | Name | Operator | Version |
|---|---|---|---|
| digital_experience_platform | eq | 7.4 | |
| liferay_portal | ge | 7.4.1 | |
| liferay_portal | lt | 7.4.3.5 |
Related
osv
osv
BIT-liferay-2022-42128
2024-01-31 15:20:01
Incorrect Default Permissions in Liferay Portal
2022-11-15 12:00:16
github
github
Incorrect Default Permissions in Liferay Portal
2022-11-15 12:00:16
nvd
nvd
CVE-2022-42128
2022-11-15 01:15:13
cve
cve
CVE-2022-42128
2022-11-15 01:15:13
cvelist
cvelist
CVE-2022-42128
2022-11-15 00:00:00