| ID | CVE-2022-26595 | ||||||
| Sažetak | Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI. | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:S/C:P/I:N/A:N | ||||||
| Zadnje važnije ažuriranje | 09-07-2026 - 01:17 | ||||||
| Objavljeno | 19-04-2022 - 13:15 |

