Liferay XMLRPC Blind SSRF

Description
  • Liferay XMLRPC servlet allows remote attackers to interact with internal network resources via Blind Server Side Request Forgery (SSRF). Consult Web References for more information about this problem.
Remediation
  • Restrict access to the vulnerable endpoints.
References