Vulnerability Description
In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the `doAsUserId` URL parameter may get leaked when creating linked content using the WYSIWYG editor and while impersonating a user. This may allow remote authenticated users to impersonate a user after accessing the linked content.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Liferay | Digital Experience Platform | 7.2 |
| Liferay | Dxp | 7.3 |
| Liferay | Liferay Portal | >= 7.2.0, <= 7.4.1 |
Related Weaknesses (CWE)
References
- https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jektVendor Advisory
- https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jektVendor Advisory
FAQ
What is CVE-2024-25148?
CVE-2024-25148 is a vulnerability with a CVSS score of 5.4 (MEDIUM). In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the `doAsUserId` URL parameter ...
How severe is CVE-2024-25148?
CVE-2024-25148 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-25148?
Check the references section above for vendor advisories and patch information. Affected products include: Liferay Digital Experience Platform, Liferay Dxp, Liferay Liferay Portal.