{"id":"GHSA-hmrx-6pr5-hpwj","summary":"Liferay Portal and Liferay DXP Vulnerable to Cross-Site Request Forgery (CSRF) via the Content Page Editor","details":"Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.4.0 through 7.4.3.103, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92 and 7.3 update 29 through update 35 allows remote attackers to (1) change user passwords, (2) shut down the server, (3) execute arbitrary code in the scripting console, and (4) perform other administrative actions via the `_com_liferay_commerce_catalog_web_internal_portlet_CommerceCatalogsPortlet_redirect` parameter.","aliases":["CVE-2024-26273"],"modified":"2025-04-28T20:27:14.535676Z","published":"2024-10-22T18:32:11Z","database_specific":{"cwe_ids":["CWE-352"],"github_reviewed":true,"nvd_published_at":"2024-10-22T15:15:05Z","github_reviewed_at":"2025-04-28T19:29:54Z","severity":"HIGH"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26273"},{"type":"PACKAGE","url":"https://github.com/liferay/liferay-portal"},{"type":"WEB","url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2024-26273"}],"affected":[{"package":{"name":"com.liferay.portal:release.portal.bom","ecosystem":"Maven","purl":"pkg:maven/com.liferay.portal/release.portal.bom"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"7.4.0"},{"fixed":"7.4.3.104"}]}],"versions":["7.4.0","7.4.1","7.4.1-1","7.4.2","7.4.2-1","7.4.3.10","7.4.3.100","7.4.3.101","7.4.3.102","7.4.3.103","7.4.3.11","7.4.3.12","7.4.3.13","7.4.3.14","7.4.3.15","7.4.3.16","7.4.3.17","7.4.3.18","7.4.3.19","7.4.3.20","7.4.3.20-ga20","7.4.3.21","7.4.3.21-ga21","7.4.3.22","7.4.3.23","7.4.3.24","7.4.3.25","7.4.3.26","7.4.3.27","7.4.3.28","7.4.3.29","7.4.3.30","7.4.3.31","7.4.3.32","7.4.3.33","7.4.3.34","7.4.3.35","7.4.3.36","7.4.3.37","7.4.3.38","7.4.3.39","7.4.3.4","7.4.3.40","7.4.3.41","7.4.3.
42","7.4.3.43","7.4.3.44","7.4.3.45","7.4.3.46","7.4.3.47","7.4.3.48","7.4.3.49","7.4.3.5","7.4.3.50","7.4.3.51","7.4.3.52","7.4.3.53","7.4.3.54","7.4.3.55","7.4.3.56","7.4.3.57","7.4.3.58","7.4.3.59","7.4.3.6","7.4.3.60","7.4.3.60-ga60","7.4.3.61","7.4.3.61-ga61","7.4.3.62","7.4.3.63","7.4.3.64","7.4.3.65","7.4.3.66","7.4.3.67","7.4.3.68","7.4.3.69","7.4.3.7","7.4.3.70","7.4.3.71","7.4.3.72","7.4.3.73","7.4.3.74","7.4.3.75","7.4.3.76","7.4.3.77","7.4.3.78","7.4.3.79","7.4.3.8","7.4.3.80","7.4.3.81","7.4.3.82","7.4.3.83","7.4.3.84","7.4.3.85","7.4.3.85-ga85","7.4.3.86","7.4.3.87","7.4.3.88","7.4.3.89","7.4.3.9","7.4.3.90","7.4.3.91","7.4.3.92","7.4.3.93","7.4.3.94","7.4.3.95","7.4.3.95-1","7.4.3.96","7.4.3.97","7.4.3.98","7.4.3.99"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-hmrx-6pr5-hpwj/GHSA-hmrx-6pr5-hpwj.json"}},{"package":{"name":"com.liferay.portal:release.dxp.bom","ecosystem":"Maven","purl":"pkg:maven/com.liferay.portal/release.dxp.bom"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2023.Q4.0"},{"fixed":"2023.Q4.3"}]}],"versions":["2023.q4.0","2023.q4.1","2023.q4.2"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-hmrx-6pr5-hpwj/GHSA-hmrx-6pr5-hpwj.json"}},{"package":{"name":"com.liferay.portal:release.dxp.bom","ecosystem":"Maven","purl":"pkg:maven/com.liferay.portal/release.dxp.bom"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2023.Q3.1"},{"fixed":"2023.Q3.6"}]}],"versions":["2023.q3.1","2023.q3.2","2023.q3.3","2023.q3.4","2023.q3.5"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-hmrx-6pr5-hpwj/GHSA-hmrx-6pr5-hpwj.json"}},{"package":{"name":"com.liferay.portal:release.dxp.bom","ecosystem":"Maven","purl":"pkg:maven/com.liferay.portal/release.dxp.bom"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":
"7.4.GA"},{"fixed":"7.4u93"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-hmrx-6pr5-hpwj/GHSA-hmrx-6pr5-hpwj.json","last_known_affected_version_range":"\u003c= 7.4u92"}},{"package":{"name":"com.liferay.portal:release.dxp.bom","ecosystem":"Maven","purl":"pkg:maven/com.liferay.portal/release.dxp.bom"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"7.3u29"},{"fixed":"7.3u36"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-hmrx-6pr5-hpwj/GHSA-hmrx-6pr5-hpwj.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}