Security Advisory

CVE-2022-42128

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-15 00:00:00

Last updated 2025-04-30 14:27:15

Assigner mitre

State PUBLISHED

Description

The Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which allows remote attackers to obtain a WikiNode object via the WikiNodeResource.getSiteWikiNodeByExternalReferenceCode API.

← Browse all CVEs View on cve.org ↗