Liferay Portal JSON Service API Multiple Security Bypass Vulnerabilities


Liferay Portal is prone to multiple security-bypass vulnerabilities.


The original article can be found at:
The information has been provided by Danilo Massa and Enrico Cinquini .


Vulnerable Systems:
 *FreeBSD Freebsd 9.0-RELEASE and prior

Successfully exploiting these issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions.

Vendor Status:
Currently we are not aware of any vendor-supplied patches

Disclosure Timeline:
Initial Release: Aug 03 2012

Categories: News