Source |
CVE Liste |
Identifiant |
2799393 |
Date de publication |
2021-05-17 11:15:07 (vue: 2021-05-17 13:05:45) |
Titre |
CVE-2021-29053 |
Texte |
Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated users to execute arbitrary SQL commands via the classPKField parameter to (1) CommerceChannelRelFinder.countByC_C, or (2) CommerceChannelRelFinder.findByC_C. |
Envoyé |
Oui |
Condensat |
2021 29053 allow arbitrary authenticated before classpkfield commands commercechannelrelfinder countbyc cve dxp execute findbyc fix injection liferay multiple pack parameter portal remote sql users vulnerabilities |
Tags |
|
Stories |
APT 33
|
Notes |
|
Move |
|