A vulnerability was found in Liferay Portal and DXP and classified as problematic. This issue affects some unknown processing of the component My Account Widget. The manipulation of the argument _com_liferay_my_account_web_portlet_MyAccountPortlet_backURL leads to cross-site request forgery.
The identification of this vulnerability is CVE-2024-26271. The attack may be initiated remotely. There is no exploit available.