Cross-Site Request Forgery Vulnerability in Liferay Portal by Liferay
CVE-2008-0563

Currently unrated

Key Information:

Vendor: Liferay
Status: Liferay Enterprise Portal
Vendor: CVE Published:; 5 February 2008

What is CVE-2008-0563?

A Cross-Site Request Forgery vulnerability exists in the UserLocalServiceImpl.java of Liferay Portal 4.3.6. This flaw enables remote attackers to execute unauthorized actions by leveraging the User-Agent HTTP header. As a result, a malicious actor could potentially exploit this weakness to manipulate authenticated users, leading to unintended modifications or data exposure when the user interacts with the platform.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://support.liferay.com/browse/LEP-4737

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 5, 2008

JSON

Liferay

What is CVE-2008-0563?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.