Description
Privilege escalation vulnerability in Liferay Portal 7.0.3 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9 allows remote authenticated users with permission to update/edit users to take over a company administrator user account by editing the company administrator user.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP ULike Multiple Vulnerabilities (3.1)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3065)
WordPress Plugin MiwoFTP-File & Folder Manager Multiple Vulnerabilities (1.0.5)
WordPress Plugin URL Cloak & Encrypt Cross-Site Scripting (2.0)
WordPress Plugin Sell Media Cross-Site Request Forgery (2.5.5)