22Eki
CVE-2024-26271 | Liferay Portal/DXP My Account Widget cross-site request forgery
A vulnerability was found in Liferay Portal and DXP and classified as problematic. This issue affects some unknown processing of the component My Account Widget. The manipulation of the argument _com_liferay_my_account_web_portlet_MyAccountPortlet_backURL leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-26271. The attack may be initiated remotely. There is no exploit available.