CyberSec.Space Logo
Back to CVE Browser

CVE-2021-33323

HIGH
7.5
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile42.55th
PublishedAug 3, 2021
Last ModifiedMay 13, 2025

Vulnerability Description

The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user.

Affected Platforms (CPE)

πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.1
πŸ“¦
Liferay

Digital Experience Platform

= 7.2
πŸ“¦
Liferay

Digital Experience Platform

= 7.2
πŸ“¦
Liferay

Digital Experience Platform

= 7.2
πŸ“¦
Liferay

Digital Experience Platform

= 7.2
πŸ“¦
Liferay

Digital Experience Platform

= 7.2
πŸ“¦
Liferay

Digital Experience Platform

= 7.2
πŸ“¦
Liferay

Digital Experience Platform

= 7.2
πŸ“¦
Liferay

Liferay Portal

>= 7.1.0 and < 7.3.1

References & Advisories

πŸ”— https://issues.liferay.com/browse/LPE-17049
πŸ”— https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747107
πŸ”— https://issues.liferay.com/browse/LPE-17049
πŸ”— https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747107

Related Vulnerabilities

CVE-2020-262467.7

Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website s...

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...

CVE-2021-4155610.0

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to ...

CVE-2021-3263710.0

Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_modul...