Description

The Remote App module in Liferay Portal through v7.4.3.8 and Liferay DXP through v7.4 does not check if the origin of event messages it receives matches the origin of the Remote App, allowing attackers to exfiltrate the CSRF token via a crafted event message.

Remediation

References

CVE-2022-25146

Related Vulnerabilities

LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16186)

PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-2666)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37246)

WordPress Plugin Ultimate Membership Pro SQL Injection (6.4)

Drupal Other Vulnerability (CVE-2007-4063)

Severity

Medium

Classification

CVE-2022-25146 CWE-346 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities