Unauthorized users may be able to retrieve username list and password hashed
Description
Environment
We tested it on liferay 4.x and 5.x. It was not tested on Liferay 6.x
Activity
Show:
Raymond AugéJuly 28, 2010 at 11:52 AM
This issue has been addressed since
committed 2007-09-10
svn://svn.liferay.com/repos/public/portal/trunk@9261
Minded Security S.r.l.June 15, 2010 at 3:40 PM
Details about this issue can be found here:
No Longer Reproducible
Created May 12, 2010 at 3:29 AM
Updated June 23, 2023 at 8:46 PM
Resolved July 28, 2010 at 11:52 AM
Since the vulnerability has an high impact, let us know the best way to handle the issue