GHSA-jfch-m2x3-2v66

Suggest an improvement
Source
https://github.com/advisories/GHSA-jfch-m2x3-2v66
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jfch-m2x3-2v66/GHSA-jfch-m2x3-2v66.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-jfch-m2x3-2v66
Aliases
Published
2022-05-24T19:09:46Z
Modified
2025-06-27T22:44:38.527177Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
Liferay Portal and Liferay DXP insecure default configuration
Details

Insecure default configuration in portal services implementation before 5.11.0 in Liferay Portal 6.2.3 through 7.3.2, and Liferay DXP before 7.3, allows remote attackers to enumerate user email address via the forgot password functionality. The portal.property login.secure.forgot.password should be defaulted to true.

Database specific 
{
    "github_reviewed": true,
    "nvd_published_at": "2021-08-03T19:15:00Z",
    "cwe_ids": [
        "CWE-640"
    ],
    "github_reviewed_at": "2025-06-27T21:40:15Z",
    "severity": "HIGH"
}
References

Affected packages

Maven / com.liferay.portal:com.liferay.portal.impl

Package

Name
com.liferay.portal:com.liferay.portal.impl
View open source insights on deps.dev
Purl
pkg:maven/com.liferay.portal/com.liferay.portal.impl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.11.0

Affected versions

1.*
1.0.0
1.0.1
2.*
2.0.0
2.1.0
2.2.0
2.3.0
2.4.0
2.5.0
2.6.0
2.7.0
2.8.0
2.9.0
2.10.0
2.11.0
2.12.0
2.13.0
2.14.0
2.15.0
2.16.0
2.17.0
2.18.0
2.19.0
2.20.0
2.21.0
2.22.0
2.23.0
2.24.0
2.25.0
2.25.1
2.25.2
2.25.3
2.26.0
2.26.1
2.26.2
2.27.0
2.27.1
2.27.2
2.28.0
2.28.1
2.28.2
2.29.0
2.30.0
2.30.1
2.30.2
2.30.3
2.30.4
2.31.0
2.32.0
2.32.1
2.33.0
2.33.1
2.33.2
2.34.0
2.34.1
2.35.0
2.36.0
2.36.1
2.36.2
2.36.3
2.36.4
2.36.5
2.36.6
2.37.0
2.37.1
2.37.2
2.37.3
2.37.4
2.38.0
2.38.1
2.38.2
2.39.0
2.40.0
2.41.0
2.41.1
2.42.0
2.42.1
2.42.2
2.43.0
2.43.1
2.43.2
2.43.3
2.43.4
2.43.5
2.43.6
2.43.7
2.43.8
2.44.0
2.44.1
2.44.2
2.44.3
2.44.4
2.44.5
2.44.6
2.44.7
2.44.8
2.44.9
2.44.10
2.44.11
2.44.12
2.44.13
2.45.0
2.45.1
2.45.2
2.45.3
2.45.4
2.45.5
2.50.0
2.51.0
2.52.0
2.52.1
2.52.2
2.52.3
2.52.4
2.52.5
2.52.6
2.52.7
2.53.0
2.53.1
2.53.2
2.53.3
2.54.0
2.54.1
2.54.2
2.54.3
2.54.4
2.54.5
2.54.6
2.55.0
2.55.1
2.56.0
2.56.1
2.56.2
2.56.3
2.56.4
2.56.5
2.56.6
2.56.7
2.57.0
2.57.1
2.57.2
2.57.3
2.57.4
2.57.5
2.57.6
2.58.0
2.58.1
2.58.2
2.59.0
2.59.1
2.59.2
2.60.0
2.60.1
2.60.2
2.60.3
2.61.0
2.61.1
2.61.2
2.62.0
2.62.1
2.62.2
2.63.0
2.63.1
2.64.0
2.64.1
2.65.0
2.65.1
2.65.2
2.65.3
2.65.4
2.65.5
2.65.6
2.65.7
2.65.8
2.65.9
2.65.10
2.65.11
2.65.12
2.65.13
2.65.14
2.65.15
2.65.16
2.65.17
2.65.18
2.65.19
2.65.20
2.65.21
2.65.22
2.65.23
2.65.24
2.65.25
2.65.26
2.65.27
2.65.28
2.65.29
2.65.30
2.65.31
2.65.32
2.65.33
2.66.0
2.66.1
2.66.2
2.66.3
2.67.0
2.67.1
2.67.2
2.67.3
2.67.4
2.68.0
2.68.1
2.68.2
2.68.3
2.68.4
2.68.5
2.69.0
2.69.1
2.69.2
2.69.3
2.69.4
2.69.5
2.69.6
2.69.7
2.70.0
2.70.1
2.70.2
2.70.3
2.70.4
2.70.5
2.70.6
2.70.7
2.71.0
2.71.1
2.71.2
2.71.3
2.71.4
2.71.5
2.71.6
2.71.7
2.71.8
2.71.9
2.71.10
2.71.11
2.71.12
2.72.0
2.72.1
2.72.2
2.72.3
2.72.4
2.72.5
2.73.0
2.73.1
2.73.2
2.73.3
2.73.4
2.73.5
2.73.6
2.73.7
2.73.8
2.74.0
2.74.1
2.74.2
2.74.3
2.74.4
2.74.5
2.74.6
2.74.7
2.74.8
2.74.9
2.74.10
2.74.11
2.74.12
2.74.13
2.74.14
2.74.15
2.74.16
2.74.17
2.74.18
2.74.19
2.74.20
2.74.21
2.74.22
2.74.23
2.74.24
2.74.25
2.74.26
2.74.27
2.74.28
2.74.29
2.74.30
2.74.31
2.74.32
2.74.33
2.75.0
2.75.1
2.75.2
2.75.3
2.75.4
2.75.5
2.75.6
2.75.7
2.75.8
2.75.9
2.75.10
2.76.0
2.76.1
2.76.2
2.77.0
2.77.1
2.78.0
2.78.1
2.79.0
2.79.1
2.79.2
2.79.3
2.79.4
2.79.5
2.79.6
2.79.7
2.79.8
2.79.9
2.80.0
2.80.1
2.82.0
2.83.0
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.2.0
3.3.0
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
3.3.7
3.3.8
3.3.9
3.3.10
3.3.11
3.3.12
3.3.13
3.4.0
3.4.1
3.4.2
3.4.3
3.4.4
3.5.0
3.5.1
3.5.2
3.5.3
3.5.4
3.5.5
3.5.6
3.5.7
3.5.8
3.5.9
3.5.10
3.6.0
3.6.1
3.6.2
3.7.0
3.7.1
3.7.2
3.7.3
3.7.4
3.8.0
3.8.1
3.9.0
3.9.1
3.9.2
3.9.3
3.9.4
3.10.0
3.11.0
3.11.1
3.12.0
3.13.0
3.13.1
3.13.2
3.13.3
3.14.0
3.14.1
3.14.2
3.14.3
3.14.4
3.14.5
3.15.0
3.15.1
3.15.2
3.15.3
3.16.0
3.17.0
3.17.1
3.17.2
3.18.0
3.19.0
3.19.1
3.19.2
3.20.0
3.20.1
3.20.2
3.20.3
3.21.0
3.21.1
3.22.0
3.22.1
3.22.2
3.22.3
3.22.4
3.22.5
3.22.6
3.22.7
3.22.8
3.22.9
3.22.10
3.22.11
3.22.12
3.22.13
3.22.14
3.22.15
3.22.16
3.22.17
3.22.18
3.22.19
3.22.20
3.23.0
3.23.1
3.23.2
3.23.3
3.23.4
3.23.5
3.23.6
3.23.7
3.23.8
3.24.0
3.25.0
3.25.1
3.25.2
3.25.3
3.25.4
3.25.5
3.26.0
3.26.1
3.26.2
3.26.3
3.26.4
3.26.5
3.26.6
3.27.0
3.27.1
3.27.2
3.27.3
3.27.4
3.27.5
3.27.6
3.27.7
3.27.8
3.27.9
3.27.10
3.27.11
3.27.12
3.28.0
3.28.1
3.28.2
3.29.0
3.29.1
3.29.2
3.29.3
3.29.4
3.29.5
3.29.6
3.29.7
3.29.8
3.29.9
3.29.10
3.30.0
3.30.1
3.31.0
3.32.0
3.32.1
3.33.0
3.33.1
3.34.0
3.35.0
3.35.1
3.35.2
3.36.0
3.36.1
3.36.2
3.37.0
3.37.1
3.38.0
3.38.1
3.38.2
3.39.0
3.39.1
3.40.0
3.41.0
3.41.1
3.41.2
3.41.3
3.41.4
3.42.0
3.43.0
3.44.0
3.44.1
3.45.0
3.45.1
3.45.2
3.45.3
3.45.4
3.45.5
3.45.6
3.45.7
3.45.8
3.46.0
3.47.0
3.48.0
3.48.1
3.48.2
3.49.0
3.49.1
3.49.2
3.49.3
3.49.4
3.49.5
3.49.6
3.49.7
3.49.8
3.49.9
3.49.10
3.49.11
3.49.12
3.49.13
3.49.14
3.49.15
3.49.16
3.49.17
3.49.18
3.49.19
3.49.20
3.50.0
3.50.1
3.50.2
3.50.3
3.50.4
3.50.5
3.50.6
3.50.7
3.50.8
3.50.9
3.50.10
3.50.11
3.50.12
3.50.13
3.50.14
3.50.15
3.50.16
3.50.17
3.50.18
3.50.19
3.50.20
3.50.21
3.51.0
3.51.1
3.51.2
3.51.3
3.51.4
3.51.5
3.52.0
3.52.1
3.52.2
3.52.3
3.52.4
3.52.5
3.52.6
3.52.7
3.53.0
3.53.1
3.53.2
3.53.3
3.53.4
3.54.0
3.54.1
3.54.2
3.54.3
3.54.4
3.55.0
3.55.1
3.55.2
3.55.3
3.55.4
3.55.5
3.55.6
3.55.7
3.56.0
3.56.1
3.56.2
3.56.3
3.56.4
3.56.5
3.56.6
3.56.7
3.56.8
3.56.9
3.56.10
3.56.11
3.56.12
3.56.13
3.56.14
3.56.15
3.56.16
3.56.17
3.56.18
3.56.19
3.56.20
3.57.0
3.57.1
3.57.2
3.57.3
3.57.4
3.57.5
3.58.0
3.58.1
3.58.2
3.58.3
3.58.4
3.58.5
3.58.6
3.58.7
3.58.8
3.58.9
3.58.10
3.58.11
3.58.12
3.58.13
3.58.14
3.58.15
3.58.16
3.58.17
3.58.18
3.58.19
3.58.20
3.58.21
3.58.22
3.58.23
3.58.24
3.58.25
3.58.26
3.58.27
3.59.0
3.59.1
3.59.2
3.59.3
3.59.4
3.59.5
3.59.6
3.59.7
3.59.8
3.59.9
3.60.0
3.60.1
3.61.0
3.62.0
3.62.1
3.62.2
3.62.3
3.62.4
3.62.5
3.62.6
3.62.7
3.62.8
3.62.9
3.63.0
3.63.1
3.63.2
3.63.3
3.63.4
3.63.5
3.63.6
3.63.7
3.63.8
3.64.0
3.64.1
3.64.2
3.65.0
3.65.1
3.65.2
3.65.3
3.66.0
3.66.1
3.66.2
3.66.3
3.66.4
3.66.5
3.66.6
3.67.0
3.67.1
3.67.2
3.67.3
3.67.4
3.67.5
3.67.6
3.67.7
3.68.0
3.68.1
3.68.2
3.68.3
3.69.0
3.70.0
3.71.0
3.71.1
3.71.2
4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.0.11
4.1.0
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.1.9
4.1.10
4.1.11
4.1.12
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.3.0
4.4.0
4.4.1
4.4.2
4.4.3
4.4.4
4.4.5
4.4.6
4.5.0
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.5.6
4.6.0
4.7.0
4.7.1
4.7.2
4.8.0
4.8.1
4.8.2
4.8.3
4.8.4
4.9.0
4.9.1
4.9.2
4.9.3
4.9.4
4.9.5
4.10.0
4.11.0
4.11.1
4.11.2
4.11.3
4.11.4
4.11.5
4.11.6
4.11.7
4.11.8
4.12.0
4.12.1
4.12.2
4.12.3
4.12.4
4.12.5
4.12.6
4.12.7
4.12.8
4.12.9
4.12.10
4.12.11
4.12.12
4.13.0
4.14.0
4.14.1
4.14.2
4.14.3
4.14.4
4.14.5
4.14.6
4.14.7
4.14.8
4.14.9
4.14.10
4.14.11
4.14.12
4.14.13
4.14.14
4.14.15
4.14.16
4.14.17
4.14.18
4.14.19
4.14.20
4.16.0
4.16.1
4.16.2
4.17.0
4.17.1
4.17.2
4.17.3
4.17.4
4.17.5
4.17.6
4.17.7
4.17.8
4.17.9
4.18.0
4.18.1
4.19.0
4.20.0
4.20.1
4.20.2
4.21.0
4.21.1
4.21.2
4.22.0
4.22.1
4.22.2
4.22.3
4.22.4
4.22.5
4.22.6
4.22.7
4.22.8
4.22.9
4.23.0
4.23.1
4.23.2
4.23.3
4.23.4
4.23.5
4.23.6
4.24.0
4.25.0
4.25.1
4.25.2
4.25.3
4.25.4
4.25.5
4.25.6
4.25.7
4.25.8
4.25.9
4.25.10
4.25.11
4.26.0
4.26.1
4.26.2
4.26.3
4.26.4
4.26.5
4.27.0
4.27.1
4.27.2
4.27.3
4.28.0
4.28.1
4.28.2
4.28.3
4.29.0
4.29.1
4.29.2
4.29.3
4.29.4
4.29.5
4.30.0
4.30.1
4.30.2
4.30.3
4.30.4
4.30.5
4.30.6
4.30.7
4.30.8
4.30.9
4.30.10
4.30.11
4.30.12
4.30.13
4.30.14
4.30.15
4.30.16
4.31.0
4.31.1
4.31.2
4.31.3
4.31.4
4.31.5
4.31.6
4.32.0
4.32.1
4.33.0
4.33.1
4.33.2
4.33.3
4.33.4
4.33.5
4.33.6
4.33.7
4.33.8
4.33.9
4.33.10
4.33.11
4.33.12
4.33.13
4.33.14
4.34.0
4.34.1
4.34.2
4.34.3
4.34.4
4.34.5
4.34.6
4.34.7
4.34.8
4.34.9
4.34.10
4.34.11
4.34.12
4.34.13
4.34.14
4.35.0
4.35.1
4.35.2
4.35.3
4.35.4
4.35.5
4.35.6
4.35.7
4.35.8
4.35.9
4.35.10
4.36.0
4.36.1
4.36.2
4.37.0
4.37.1
4.37.2
4.37.3
4.37.4
4.37.5
4.37.6
4.37.7
4.37.8
4.38.0
4.38.1
4.38.2
4.38.3
4.38.4
4.38.5
4.38.6
4.39.0
4.39.1
4.39.2
4.39.3
4.39.4
4.39.5
4.39.6
4.39.7
4.40.0
4.40.1
4.41.0
4.41.1
4.41.2
4.41.3
4.42.0
4.42.1
4.42.2
4.43.0
4.43.1
4.44.0
4.46.0
4.47.0
4.49.0
4.50.0
4.50.1
5.*
5.0.0
5.0.1
5.0.2
5.1.0
5.1.1
5.1.2
5.1.3
5.1.4
5.1.5
5.1.6
5.2.0
5.3.0
5.3.1
5.3.2
5.4.0
5.4.1
5.4.2
5.5.0
5.5.1
5.5.2
5.5.3
5.5.4
5.6.0
5.7.0
5.7.1
5.7.2
5.7.3
5.7.4
5.7.5
5.8.0
5.8.1
5.8.2
5.8.3
5.8.4
5.8.5
5.9.0
5.10.0
5.10.1
5.10.2
5.10.3
5.10.4

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jfch-m2x3-2v66/GHSA-jfch-m2x3-2v66.json"

Maven / com.liferay.portal:release.portal.bom

Package

Name
com.liferay.portal:release.portal.bom
View open source insights on deps.dev
Purl
pkg:maven/com.liferay.portal/release.portal.bom

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.3.3

Affected versions

7.*
7.0.6
7.0.6-1
7.0.6-2
7.1.0
7.1.1
7.1.2
7.1.3
7.1.3-1
7.2.0
7.2.1
7.2.1-1
7.3.0
7.3.0-1
7.3.1
7.3.1-1
7.3.2
7.3.2-1

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jfch-m2x3-2v66/GHSA-jfch-m2x3-2v66.json"