Security Advisory

CVE-2022-42126

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-15 00:00:00

Last updated 2025-04-30 14:32:32

Assigner mitre

State PUBLISHED

Description

The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI.

← Browse all CVEs View on cve.org ↗