CVE-2024-25148 — Sensitive Info Insertion into Sent Data in DXP

CWE-201 — Sensitive Info Insertion into Sent Data CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

8.1HIGHNVD

CNA5.4

EPSS

0.4%

top 37.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Liferay DXP Liferay Portal Liferay Portal +1 more

Timeline

PublishedFeb 8

Description

In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the `doAsUserId` URL parameter may get leaked when creating linked content using the WYSIWYG editor and while impersonating a user. This may allow remote authenticated users to impersonate a user after accessing the linked content.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages5 packages

▶CVEListV5liferay/portal7.2.0 — 7.4.1

▶NVDliferay/liferay_portal7.2.0 — 7.4.1

▶CVEListV5liferay/dxp7.3.10 — 7.3.10-dxp-2+1

▶NVDliferay/dxp7.3

▶NVDliferay/digital_experience_platform7.2

🔴Vulnerability Details

CVEList

CVE-2024-25148: In Liferay Portal 7↗2024-02-08

▶

GHSA

Liferay Portal vulnerable to user impersonation↗2024-02-08

▶

OSV

Liferay Portal vulnerable to user impersonation↗2024-02-08

▶