CVE-2024-26268

CVSS V2 None CVSS V3 None
Description
User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versions, and Liferay DXP 7.4 before update 27, 7.3 before update 8, 7.2 before fix pack 20, and older unsupported versions allows remote attackers to determine if an account exist in the application by comparing the request's response time.
Overview
  • CVE ID
  • CVE-2024-26268
  • Assigner
  • Liferay
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-02-20T13:17:28.137Z
  • Last Modified Date
  • 2024-02-21T03:50:53.570Z
History
Created Old Value New Value Data Type Notes
2024-06-26 00:22:24 Added to TrackCVE