CVE-2020-24554
published 2020-09-01CVE-2020-24554: The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded, which allows remote attackers…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded, which allows remote attackers to perform a denial of service attack by making repeated requests for pages that do not exist.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| liferay | liferay_portal | < 7.3.3 | 7.3.3 |