CVE-2024-26273 | Liferay Portal/DXP cross-site request forgery

Inserito da Angelo Barbosa | Ott 22, 2024 | CVE

A vulnerability has been found in Liferay Portal and DXP and classified as problematic. This vulnerability affects unknown code. The manipulation of the argument _com_liferay_commerce_catalog_web_internal_portlet_CommerceCatalogsPortlet_redirect leads to cross-site request forgery.

This vulnerability was named CVE-2024-26273. The attack can be initiated remotely. There is no exploit available.

CVE-2024-26273 | Liferay Portal/DXP cross-site request forgery

Post correlati

CVE-2024-24328 | Totolink A3300R 17.0.0cu.557_B20221024 setMacFilterRules enable command injection

CVE-2023-35630 | Microsoft Windows up to Server 2022 23H2 Internet Connection Sharing Remote Code Execution

CVE-2024-3885 | Premium Addons for Elementor Plugin up to 4.10.28 on WordPress cross site scripting

CVE-2024-6501 | Network NetworkManager LLDP denial of service