Description

Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, 7.3 before update 6, and 7.4 before update 16 allow remote authenticated users to become the owner of a wiki page by editing the wiki page.

Remediation

References

CVE-2022-45320

Related Vulnerabilities

Moodle CVE-2022-30598 Vulnerability (CVE-2022-30598)

TYPO3 Improper Input Validation Vulnerability (CVE-2009-0258)

Squid Improper Input Validation Vulnerability (CVE-2016-2569)

WordPress 3.4 Multiple Vulnerabilities (3.4)

WordPress Plugin Product Addons & Fields for WooCommerce Unspecified Vulnerability (13.7)

Severity

Medium

Classification

CVE-2022-45320 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Tags

Missing Update Known Vulnerabilities