Description
Denial-of-service (DoS) vulnerability in the Multi-Factor Authentication module in Liferay DXP 7.3 before fix pack 1 allows remote authenticated attackers to prevent any user from authenticating by (1) enabling Time-based One-time password (TOTP) on behalf of the other user or (2) modifying the other user's TOTP shared secret.
Remediation
References
Related Vulnerabilities
MediaWiki Release of Invalid Pointer or Reference Vulnerability (CVE-2022-28203)
WordPress Plugin NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.7)
Oracle JRE Cryptographic Issues Vulnerability (CVE-2012-2739)
WordPress Plugin 10Web Map Builder for Google Maps Security Bypass (1.0.63)
WordPress Plugin KittyCatfish Ads by Missilesilo SQL Injection (2.2)