CVE-2024-25606 | Liferay Portal/DXP Java2WsddTask._format xml external entity reference

Posted by Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Liferay Portal and DXP. Affected is the function Java2WsddTask._format. The manipulation leads to xml external entity reference.

This vulnerability is traded as CVE-2024-25606. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-25606 | Liferay Portal/DXP Java2WsddTask._format xml external entity reference

Related Posts

CVE-2024-40318 | Webkul QloApps 1.6.0.0 File unrestricted upload

CVE-2023-52120 | Basix NEX-Forms Plugin up to 8.5.2 on WordPress cross-site request forgery

CVE-2024-31030 | Keith Cullen FreeCoAP 0.7 Packet coap_msg.c denial of service

CVE-2024-7668 | SourceCodester Car Driving School Management System 1.0 Master.php delete_package id sql injection