CyberSec.Space Logo
Back to CVE Browser

CVE-2020-13445

HIGH
8.8
CVSS Severity Score
EPSS Score0.1470%
EPSS Percentile34.96th
PublishedJun 10, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates.

Affected Platforms (CPE)

πŸ“¦
Liferay

Liferay Portal

= 7.1
πŸ“¦
Liferay

Liferay Portal

= 7.1
πŸ“¦
Liferay

Liferay Portal

= 7.1
πŸ“¦
Liferay

Liferay Portal

= 7.1.1
πŸ“¦
Liferay

Liferay Portal

= 7.2
πŸ“¦
Liferay

Liferay Portal

= 7.3
πŸ“¦
Liferay

Liferay Portal

= 7.3

References & Advisories

πŸ”— https://issues.liferay.com/browse/LPE-17023
πŸ”— https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317411
πŸ”— https://securitylab.github.com/advisories/GHSL-2020-043-liferay_ce
πŸ”— https://issues.liferay.com/browse/LPE-17023
πŸ”— https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317411
πŸ”— https://securitylab.github.com/advisories/GHSL-2020-043-liferay_ce

Related Vulnerabilities

CVE-2021-339909.8

Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE: The vendor di...

CVE-2020-79619.8

Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JS...

CVE-2019-168919.8

Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.

CVE-2021-290538.8

Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated us...