CVE-2022-41414

An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-10-07 18:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-41414

Mitre link : CVE-2022-41414

CVE.ORG link : CVE-2022-41414


JSON object : View

Products Affected

liferay

  • liferay_portal
CWE
CWE-276

Incorrect Default Permissions