CVE-2020-7961 - Liferay Portal Deserialization of Untrusted Data Vulnerability
Project:Liferay
Product:Liferay Portal
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Liferay Portal Deserialization of Untrusted Data Vulnerability
Description
Liferay Portal contains a deserialization of untrusted data vulnerability that allows remote attackers to execute code via JSON web services.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-7961