27 Mar 2020

CVE-2020-7961

9.8 Critical Severity

Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).

suggest your own:

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Apps (0)

Operating Systems (0)

xtranslations

xdetection

xremediation

Comments (0)