CVE

CVE-2021-38266

admin

CVE-2021-38266

Liferay Portal through v7.2.1 and Liferay DXP through v7.2 does not correctly import users from LDAP, allowing remote attackers to prevent a legitimate user from authenticating by attempting to sign in as a user that exists in LDAP.

Source: CVE-2021-38266

Exit mobile version