Maven package
com.liferay/com.liferay.headless.discovery.web
pkg:maven/com.liferay/com.liferay.headless.discovery.web
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28981 | — | < 4.0.12 | 4.0.12 | Sep 22, 2022 | Path traversal vulnerability in the Hypermedia REST APIs module in Liferay Portal 7.4.0 through 7.4.2 allows remote attackers to access files outside of com.liferay.headless.discovery.web/META-INF/resources via the `parameter` parameter. |
- CVE-2022-28981Sep 22, 2022affected < 4.0.12fixed 4.0.12
Path traversal vulnerability in the Hypermedia REST APIs module in Liferay Portal 7.4.0 through 7.4.2 allows remote attackers to access files outside of com.liferay.headless.discovery.web/META-INF/resources via the `parameter` parameter.