CVSS: 9.8EPSS: 97%CPEs: 1EXPL: 12CVE-2020-7961 – Liferay Portal Deserialization of Untrusted Data Vulnerability
https://notcve.org/view.php?id=CVE-2020-7961
Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). Una Deserialización de Datos No Confiables en Liferay Portal versiones anteriores a 7.2.1 CE GA2, permite a atacantes remotos ejecutar código arbitrario por medio de los servicios web JSON (JSONWS). Liferay Portal contains a deserialization of untrusted data vulnerability that allows remote attackers to execute code via JSON web services. • https://www.exploit-db.com/exploits/48332 https://github.com/mzer0one/CVE-2020-7961-POC https://github.com/ShutdownRepo/CVE-2020-7961 https://github.com/CrackerCat/CVE-2020-7961-Mass https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate https://github.com/shacojx/GLiferay-CVE-2020-7961-golang https://github.com/thelostworldFree/CVE-2020-7961-payloads https://github.com/manrop2702/CVE-2020-7961 https://githu • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 75EXPL: 3CVE-2019-16891
https://notcve.org/view.php?id=CVE-2019-16891
Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload. Liferay Portal CE versión 6.2.5, permite la ejecución de comandos remota debido a la deserialización de una carga útil JSON. • https://dappsec.substack.com/p/an-advisory-for-cve-2019-16891-from https://sec.vnpt.vn/2019/09/liferay-deserialization-json-deserialization-part-4 https://www.liferay.com/downloads-community https://www.youtube.com/watch?v=DjMEfQW3bf0 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2019-16147
https://notcve.org/view.php?id=CVE-2019-16147
Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib. Liferay Portal versiones hasta 7.2.0 GA1, permite un ataque de tipo XSS por medio de un título de artículo de revista en el archivo journal_article/page.jsp en journal/journal-taglib. • https://github.com/liferay/liferay-portal/commit/7e063aed70f947a92bb43a4471e0c4e650fe8f7f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 64EXPL: 1CVE-2019-6588 – Liferay Portal 7.1 CE GA=3 / SimpleCaptcha API - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-6588
In Liferay Portal before 7.1 CE GA4, an XSS vulnerability exists in the SimpleCaptcha API when custom code passes unsanitized input into the "url" parameter of the JSP taglib call <liferay-ui:captcha url="<%= url %>" /> or <liferay-captcha:captcha url="<%= url %>" />. Liferay Portal out-of-the-box behavior with no customizations is not vulnerable. En el Portal Liferay anterior a 7.1 CE GA4, existe una vulnerabilidad de XSS en la API SimpleCaptcha cuando el código personalizado pasa una entrada sin autorización al parámetro "url" de la etiqueta de la etiqueta JSP o . El comportamiento de Liferay Portal fuera de la caja sin personalizaciones no es vulnerable. Liferay Portal version 7.1 CE GA4 suffers from cross site scripting vulnerability in the SimpleCaptcha API. • https://www.exploit-db.com/exploits/46983 http://packetstormsecurity.com/files/153252/Liferay-Portal-7.1-CE-GA4-Cross-Site-Scripting.html https://dev.liferay.com/web/community-security-team/known-vulnerabilities/liferay-portal-71/-/asset_publisher/7v4O7y85hZMo/content/cst-7130-multiple-xss-vulnerabilities-in-7-1-ce-ga3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-10795
https://notcve.org/view.php?id=CVE-2018-10795
Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html URI. NOTE: the vendor disputes this issue because file upload is an expected feature, subject to Role Based Access Control checks where only authenticated users with proper permissions can upload files ** EN DISPUTA ** Liferay en versiones 6.2.x y anteriores tiene una configuración FCKeditor que permite que un atacante suba o transfiera archivos de tipo peligroso que pueden procesarse automáticamente en el entorno del producto mediante un URI browser/liferay/browser.html?Type= o html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html. NOTA: el fabricante discute este problema debido a que la subida de archivos es una funcionalidad esperada, sujeta a las comprobaciones de control de acceso basado en roles, donde solo los usuarios autenticados con permisos adecuados pueden subir archivos. • https://cxsecurity.com/issue/WLB-2018050029 • CWE-434: Unrestricted Upload of File with Dangerous Type •