Description
In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates.
Remediation
References
Related Vulnerabilities
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1595)
WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4)
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.2)
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.1.11)
Oracle Application Server CVE-2006-0285 Vulnerability (CVE-2006-0285)