Liferay Portal JSON Service API Multiple Security Bypass Vulnerabilities

Summary

Liferay Portal is prone to multiple security-bypass vulnerabilities.

Credit:

The original article can be found at: http://www.securityfocus.com/bid/54796
The information has been provided by Danilo Massa and Enrico Cinquini .


Details

Vulnerable Systems:
 *FreeBSD Freebsd 9.0-RELEASE and prior

Successfully exploiting these issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions.

Vendor Status:
Currently we are not aware of any vendor-supplied patches

Disclosure Timeline:
Initial Release: Aug 03 2012

Categories: News