CVE

CVE-2018-10795

admin

CVE-2018-10795

Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product’s environment via a browser/liferay/browser.html?Type= or html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html URI.

Source: CVE-2018-10795

Exit mobile version