GHSA-vrwx-q9pj-x488
Suggest an improvement- Source
- https://github.com/advisories/GHSA-vrwx-q9pj-x488
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-vrwx-q9pj-x488/GHSA-vrwx-q9pj-x488.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-vrwx-q9pj-x488
- Aliases
- Published
- 2022-05-24T17:29:22Z
- Modified
- 2025-05-28T21:13:28.082418Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- Liferay Portal and Liferay DXP Bypass via Double Encoded URL
- Details
-
In Liferay Portal before 7.3.1, com.liferay.portal:com.liferay.portal.impl before 7.1.3 and 7.4.0, Liferay Portal 6.2 EE, and Liferay DXP 7.2, DXP 7.1 and DXP 7.0, the property 'portlet.resource.id.banned.paths.regexp' can be bypassed with doubled encoded URLs.
- Database specific
{ "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-284" ], "github_reviewed_at": "2025-05-28T20:02:42Z", "nvd_published_at": "2020-09-24T15:15:00Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2020-15840
- https://github.com/liferay/liferay-portal
- https://issues.liferay.com/browse/LPE-17046
- https://portal.liferay.dev/learn/security/known-vulnerabilities
- https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119772204
- https://security.snyk.io/vuln/SNYK-JAVA-COMLIFERAYPORTAL-1296538
Affected packages
Maven / com.liferay.portal:com.liferay.portal.impl
Package
- Name
- com.liferay.portal:com.liferay.portal.impl
- View open source insights on deps.dev
- Purl
- pkg:maven/com.liferay.portal/com.liferay.portal.impl
Maven / com.liferay.portal:release.dxp.bom
Package
- Name
- com.liferay.portal:release.dxp.bom
- View open source insights on deps.dev
- Purl
- pkg:maven/com.liferay.portal/release.dxp.bom
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.0.10.fp93
Affected versions
7.*
7.0.10.fp60
7.0.10.fp61
7.0.10.fp62
7.0.10.fp63
7.0.10.fp64
7.0.10.fp65
7.0.10.fp66
7.0.10.fp67
7.0.10.fp68
7.0.10.fp69
7.0.10.fp70
7.0.10.fp71
7.0.10.fp72
7.0.10.fp73
7.0.10.fp74
7.0.10.fp75
7.0.10.fp76
7.0.10.fp77
7.0.10.fp78
7.0.10.fp79
7.0.10.fp80
7.0.10.fp81
7.0.10.fp82
7.0.10.fp83
7.0.10.fp84
7.0.10.fp85
7.0.10.fp85-1
7.0.10.fp86
7.0.10.fp86-1
7.0.10.fp87
7.0.10.fp87-1
7.0.10.fp88
7.0.10.fp89
7.0.10.fp90
7.0.10.fp91
7.0.10.fp92
Maven / com.liferay.portal:release.dxp.bom
Package
- Name
- com.liferay.portal:release.dxp.bom
- View open source insights on deps.dev
- Purl
- pkg:maven/com.liferay.portal/release.dxp.bom
Maven / com.liferay.portal:release.dxp.bom
Package
- Name
- com.liferay.portal:release.dxp.bom
- View open source insights on deps.dev
- Purl
- pkg:maven/com.liferay.portal/release.dxp.bom
Maven / com.liferay.portal:release.portal.bom
Package
- Name
- com.liferay.portal:release.portal.bom
- View open source insights on deps.dev
- Purl
- pkg:maven/com.liferay.portal/release.portal.bom
Maven / com.liferay.portal:com.liferay.portal.impl
Package
- Name
- com.liferay.portal:com.liferay.portal.impl
- View open source insights on deps.dev
- Purl
- pkg:maven/com.liferay.portal/com.liferay.portal.impl
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.1.3
Affected versions
1.*
1.0.0
1.0.1
2.*
2.0.0
2.1.0
2.2.0
2.3.0
2.4.0
2.5.0
2.6.0
2.7.0
2.8.0
2.9.0
2.10.0
2.11.0
2.12.0
2.13.0
2.14.0
2.15.0
2.16.0
2.17.0
2.18.0
2.19.0
2.20.0
2.21.0
2.22.0
2.23.0
2.24.0
2.25.0
2.25.1
2.25.2
2.25.3
2.26.0
2.26.1
2.26.2
2.27.0
2.27.1
2.27.2
2.28.0
2.28.1
2.28.2
2.29.0
2.30.0
2.30.1
2.30.2
2.30.3
2.30.4
2.31.0
2.32.0
2.32.1
2.33.0
2.33.1
2.33.2
2.34.0
2.34.1
2.35.0
2.36.0
2.36.1
2.36.2
2.36.3
2.36.4
2.36.5
2.36.6
2.37.0
2.37.1
2.37.2
2.37.3
2.37.4
2.38.0
2.38.1
2.38.2
2.39.0
2.40.0
2.41.0
2.41.1
2.42.0
2.42.1
2.42.2
2.43.0
2.43.1
2.43.2
2.43.3
2.43.4
2.43.5
2.43.6
2.43.7
2.43.8
2.44.0
2.44.1
2.44.2
2.44.3
2.44.4
2.44.5
2.44.6
2.44.7
2.44.8
2.44.9
2.44.10
2.44.11
2.44.12
2.44.13
2.45.0
2.45.1
2.45.2
2.45.3
2.45.4
2.45.5
2.50.0
2.51.0
2.52.0
2.52.1
2.52.2
2.52.3
2.52.4
2.52.5
2.52.6
2.52.7
2.53.0
2.53.1
2.53.2
2.53.3
2.54.0
2.54.1
2.54.2
2.54.3
2.54.4
2.54.5
2.54.6
2.55.0
2.55.1
2.56.0
2.56.1
2.56.2
2.56.3
2.56.4
2.56.5
2.56.6
2.56.7
2.57.0
2.57.1
2.57.2
2.57.3
2.57.4
2.57.5
2.57.6
2.58.0
2.58.1
2.58.2
2.59.0
2.59.1
2.59.2
2.60.0
2.60.1
2.60.2
2.60.3
2.61.0
2.61.1
2.61.2
2.62.0
2.62.1
2.62.2
2.63.0
2.63.1
2.64.0
2.64.1
2.65.0
2.65.1
2.65.2
2.65.3
2.65.4
2.65.5
2.65.6
2.65.7
2.65.8
2.65.9
2.65.10
2.65.11
2.65.12
2.65.13
2.65.14
2.65.15
2.65.16
2.65.17
2.65.18
2.65.19
2.65.20
2.65.21
2.65.22
2.65.23
2.65.24
2.65.25
2.65.26
2.65.27
2.65.28
2.65.29
2.65.30
2.65.31
2.65.32
2.65.33
2.66.0
2.66.1
2.66.2
2.66.3
2.67.0
2.67.1
2.67.2
2.67.3
2.67.4
2.68.0
2.68.1
2.68.2
2.68.3
2.68.4
2.68.5
2.69.0
2.69.1
2.69.2
2.69.3
2.69.4
2.69.5
2.69.6
2.69.7
2.70.0
2.70.1
2.70.2
2.70.3
2.70.4
2.70.5
2.70.6
2.70.7
2.71.0
2.71.1
2.71.2
2.71.3
2.71.4
2.71.5
2.71.6
2.71.7
2.71.8
2.71.9
2.71.10
2.71.11
2.71.12
2.72.0
2.72.1
2.72.2
2.72.3
2.72.4
2.72.5
2.73.0
2.73.1
2.73.2
2.73.3
2.73.4
2.73.5
2.73.6
2.73.7
2.73.8
2.74.0
2.74.1
2.74.2
2.74.3
2.74.4
2.74.5
2.74.6
2.74.7
2.74.8
2.74.9
2.74.10
2.74.11
2.74.12
2.74.13
2.74.14
2.74.15
2.74.16
2.74.17
2.74.18
2.74.19
2.74.20
2.74.21
2.74.22
2.74.23
2.74.24
2.74.25
2.74.26
2.74.27
2.74.28
2.74.29
2.74.30
2.74.31
2.74.32
2.74.33
2.75.0
2.75.1
2.75.2
2.75.3
2.75.4
2.75.5
2.75.6
2.75.7
2.75.8
2.75.9
2.75.10
2.76.0
2.76.1
2.76.2
2.77.0
2.77.1
2.78.0
2.78.1
2.79.0
2.79.1
2.79.2
2.79.3
2.79.4
2.79.5
2.79.6
2.79.7
2.79.8
2.79.9
2.80.0
2.80.1
2.82.0
2.83.0
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.2.0
3.3.0
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
3.3.7
3.3.8
3.3.9
3.3.10
3.3.11
3.3.12
3.3.13
3.4.0
3.4.1
3.4.2
3.4.3
3.4.4
3.5.0
3.5.1
3.5.2
3.5.3
3.5.4
3.5.5
3.5.6
3.5.7
3.5.8
3.5.9
3.5.10
3.6.0
3.6.1
3.6.2
3.7.0
3.7.1
3.7.2
3.7.3
3.7.4
3.8.0
3.8.1
3.9.0
3.9.1
3.9.2
3.9.3
3.9.4
3.10.0
3.11.0
3.11.1
3.12.0
3.13.0
3.13.1
3.13.2
3.13.3
3.14.0
3.14.1
3.14.2
3.14.3
3.14.4
3.14.5
3.15.0
3.15.1
3.15.2
3.15.3
3.16.0
3.17.0
3.17.1
3.17.2
3.18.0
3.19.0
3.19.1
3.19.2
3.20.0
3.20.1
3.20.2
3.20.3
3.21.0
3.21.1
3.22.0
3.22.1
3.22.2
3.22.3
3.22.4
3.22.5
3.22.6
3.22.7
3.22.8
3.22.9
3.22.10
3.22.11
3.22.12
3.22.13
3.22.14
3.22.15
3.22.16
3.22.17
3.22.18
3.22.19
3.22.20
3.23.0
3.23.1
3.23.2
3.23.3
3.23.4
3.23.5
3.23.6
3.23.7
3.23.8
3.24.0
3.25.0
3.25.1
3.25.2
3.25.3
3.25.4
3.25.5
3.26.0
3.26.1
3.26.2
3.26.3
3.26.4
3.26.5
3.26.6
3.27.0
3.27.1
3.27.2
3.27.3
3.27.4
3.27.5
3.27.6
3.27.7
3.27.8
3.27.9
3.27.10
3.27.11
3.27.12
3.28.0
3.28.1
3.28.2
3.29.0
3.29.1
3.29.2
3.29.3
3.29.4
3.29.5
3.29.6
3.29.7
3.29.8
3.29.9
3.29.10
3.30.0
3.30.1
3.31.0
3.32.0
3.32.1
3.33.0
3.33.1
3.34.0
3.35.0
3.35.1
3.35.2
3.36.0
3.36.1
3.36.2
3.37.0
3.37.1
3.38.0
3.38.1
3.38.2
3.39.0
3.39.1
3.40.0
3.41.0
3.41.1
3.41.2
3.41.3
3.41.4
3.42.0
3.43.0
3.44.0
3.44.1
3.45.0
3.45.1
3.45.2
3.45.3
3.45.4
3.45.5
3.45.6
3.45.7
3.45.8
3.46.0
3.47.0
3.48.0
3.48.1
3.48.2
3.49.0
3.49.1
3.49.2
3.49.3
3.49.4
3.49.5
3.49.6
3.49.7
3.49.8
3.49.9
3.49.10
3.49.11
3.49.12
3.49.13
3.49.14
3.49.15
3.49.16
3.49.17
3.49.18
3.49.19
3.49.20
3.50.0
3.50.1
3.50.2
3.50.3
3.50.4
3.50.5
3.50.6
3.50.7
3.50.8
3.50.9
3.50.10
3.50.11
3.50.12
3.50.13
3.50.14
3.50.15
3.50.16
3.50.17
3.50.18
3.50.19
3.50.20
3.50.21
3.51.0
3.51.1
3.51.2
3.51.3
3.51.4
3.51.5
3.52.0
3.52.1
3.52.2
3.52.3
3.52.4
3.52.5
3.52.6
3.52.7
3.53.0
3.53.1
3.53.2
3.53.3
3.53.4
3.54.0
3.54.1
3.54.2
3.54.3
3.54.4
3.55.0
3.55.1
3.55.2
3.55.3
3.55.4
3.55.5
3.55.6
3.55.7
3.56.0
3.56.1
3.56.2
3.56.3
3.56.4
3.56.5
3.56.6
3.56.7
3.56.8
3.56.9
3.56.10
3.56.11
3.56.12
3.56.13
3.56.14
3.56.15
3.56.16
3.56.17
3.56.18
3.56.19
3.56.20
3.57.0
3.57.1
3.57.2
3.57.3
3.57.4
3.57.5
3.58.0
3.58.1
3.58.2
3.58.3
3.58.4
3.58.5
3.58.6
3.58.7
3.58.8
3.58.9
3.58.10
3.58.11
3.58.12
3.58.13
3.58.14
3.58.15
3.58.16
3.58.17
3.58.18
3.58.19
3.58.20
3.58.21
3.58.22
3.58.23
3.58.24
3.58.25
3.58.26
3.58.27
3.59.0
3.59.1
3.59.2
3.59.3
3.59.4
3.59.5
3.59.6
3.59.7
3.59.8
3.59.9
3.60.0
3.60.1
3.61.0
3.62.0
3.62.1
3.62.2
3.62.3
3.62.4
3.62.5
3.62.6
3.62.7
3.62.8
3.62.9
3.63.0
3.63.1
3.63.2
3.63.3
3.63.4
3.63.5
3.63.6
3.63.7
3.63.8
3.64.0
3.64.1
3.64.2
3.65.0
3.65.1
3.65.2
3.65.3
3.66.0
3.66.1
3.66.2
3.66.3
3.66.4
3.66.5
3.66.6
3.67.0
3.67.1
3.67.2
3.67.3
3.67.4
3.67.5
3.67.6
3.67.7
3.68.0
3.68.1
3.68.2
3.68.3
3.69.0
3.70.0
3.71.0
3.71.1
3.71.2
4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.0.11
4.1.0
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.1.9
4.1.10
4.1.11
4.1.12
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.3.0
4.4.0
4.4.1
4.4.2
4.4.3
4.4.4
4.4.5
4.4.6
4.5.0
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.5.6
4.6.0
4.7.0
4.7.1
4.7.2
4.8.0
4.8.1
4.8.2
4.8.3
4.8.4
4.9.0
4.9.1
4.9.2
4.9.3
4.9.4
4.9.5
4.10.0
4.11.0
4.11.1
4.11.2
4.11.3
4.11.4
4.11.5
4.11.6
4.11.7
4.11.8
4.12.0
4.12.1
4.12.2
4.12.3
4.12.4
4.12.5
4.12.6
4.12.7
4.12.8
4.12.9
4.12.10
4.12.11
4.12.12
4.13.0
4.14.0
4.14.1
4.14.2
4.14.3
4.14.4
4.14.5
4.14.6
4.14.7
4.14.8
4.14.9
4.14.10
4.14.11
4.14.12
4.14.13
4.14.14
4.14.15
4.14.16
4.14.17
4.14.18
4.14.19
4.14.20
4.16.0
4.16.1
4.16.2
4.17.0
4.17.1
4.17.2
4.17.3
4.17.4
4.17.5
4.17.6
4.17.7
4.17.8
4.17.9
4.18.0
4.18.1
4.19.0
4.20.0
4.20.1
4.20.2
4.21.0
4.21.1
4.21.2
4.22.0
4.22.1
4.22.2
4.22.3
4.22.4
4.22.5
4.22.6
4.22.7
4.22.8
4.22.9
4.23.0
4.23.1
4.23.2
4.23.3
4.23.4
4.23.5
4.23.6
4.24.0
4.25.0
4.25.1
4.25.2
4.25.3
4.25.4
4.25.5
4.25.6
4.25.7
4.25.8
4.25.9
4.25.10
4.25.11
4.26.0
4.26.1
4.26.2
4.26.3
4.26.4
4.26.5
4.27.0
4.27.1
4.27.2
4.27.3
4.28.0
4.28.1
4.28.2
4.28.3
4.29.0
4.29.1
4.29.2
4.29.3
4.29.4
4.29.5
4.30.0
4.30.1
4.30.2
4.30.3
4.30.4
4.30.5
4.30.6
4.30.7
4.30.8
4.30.9
4.30.10
4.30.11
4.30.12
4.30.13
4.30.14
4.30.15
4.30.16
4.31.0
4.31.1
4.31.2
4.31.3
4.31.4
4.31.5
4.31.6
4.32.0
4.32.1
4.33.0
4.33.1
4.33.2
4.33.3
4.33.4
4.33.5
4.33.6
4.33.7
4.33.8
4.33.9
4.33.10
4.33.11
4.33.12
4.33.13
4.33.14
4.34.0
4.34.1
4.34.2
4.34.3
4.34.4
4.34.5
4.34.6
4.34.7
4.34.8
4.34.9
4.34.10
4.34.11
4.34.12
4.34.13
4.34.14
4.35.0
4.35.1
4.35.2
4.35.3
4.35.4
4.35.5
4.35.6
4.35.7
4.35.8
4.35.9
4.35.10
4.36.0
4.36.1
4.36.2
4.37.0
4.37.1
4.37.2
4.37.3
4.37.4
4.37.5
4.37.6
4.37.7
4.37.8
4.38.0
4.38.1
4.38.2
4.38.3
4.38.4
4.38.5
4.38.6
4.39.0
4.39.1
4.39.2
4.39.3
4.39.4
4.39.5
4.39.6
4.39.7
4.40.0
4.40.1
4.41.0
4.41.1
4.41.2
4.41.3
4.42.0
4.42.1
4.42.2
4.43.0
4.43.1
4.44.0
4.46.0
4.47.0
4.49.0
4.50.0
4.50.1
5.*
5.0.0
5.0.1
5.0.2
5.1.0
5.1.1
5.1.2
5.1.3
5.1.4
5.1.5
5.1.6
5.2.0
5.3.0
5.3.1
5.3.2
5.4.0
5.4.1
5.4.2
5.5.0
5.5.1
5.5.2
5.5.3
5.5.4
5.6.0
5.7.0
5.7.1
5.7.2
5.7.3
5.7.4
5.7.5
5.8.0
5.8.1
5.8.2
5.8.3
5.8.4
5.8.5
5.9.0
5.10.0
5.10.1
5.10.2
5.10.3
5.10.4
5.11.0
5.11.1
5.11.2
5.11.3
5.12.0
5.12.1
5.12.2
5.13.0
5.13.1
5.13.2
5.13.3
5.13.4
5.14.0
5.14.1
5.14.2
5.14.3
5.14.4
5.14.5
5.14.6
5.14.7
5.14.8
5.14.9
5.14.10
5.15.0
5.16.0
5.16.1
5.16.2
5.16.3
5.16.4
5.16.5
5.16.6
5.16.7
5.16.8
5.16.9
5.16.10
5.16.11
5.17.0
5.17.1
5.17.2
5.18.0
5.18.1
5.18.2
5.18.3
5.19.0
5.20.0
5.20.1
5.20.2
5.20.3
5.20.4
5.20.5
5.20.6
5.20.7
5.20.8
5.20.9
5.20.10
5.21.0
5.21.1
5.21.2
5.21.3
5.21.4
5.22.0
5.22.1
5.22.2
5.22.3
5.22.4
5.22.5
5.22.6
5.23.0
5.23.1
5.23.2
5.23.3
5.23.4
5.23.5
5.23.6
5.23.7
5.23.8
5.23.9
5.23.10
5.23.11
5.23.12
5.23.13
5.23.14
5.23.15
5.23.16
5.23.17
5.23.18
5.23.19
5.24.0
5.24.1
5.25.0
5.25.1
5.25.2
5.25.3
5.26.0
5.26.1
5.26.2
5.26.3
5.26.4
5.26.5
5.26.6
5.26.7
5.26.8
5.27.0
5.27.1
5.27.2
5.27.3
5.27.4
5.27.5
5.27.6
5.27.7
5.28.0
5.28.1
5.28.2
5.29.0
5.29.1
5.29.2
5.29.3
5.30.0
5.30.1
5.30.2
5.31.0
5.31.1
5.31.2
5.31.3
5.31.4
5.31.5
5.31.6
5.31.7
5.31.8
5.31.9
5.31.10
5.31.11
5.31.12
5.31.13
5.31.14
5.31.15
5.31.16
5.31.17
5.32.0
5.32.1
5.32.2
5.32.3
5.32.4
5.32.5
5.32.6
5.33.0
5.33.1
5.33.2
5.33.3
5.34.0
5.34.1
5.34.2
5.34.3
5.34.4
5.35.0
5.35.1
5.35.2
5.35.3
5.35.4
5.35.5
5.35.6
5.35.7
5.35.8
5.35.9
5.35.10
5.35.11
5.35.12
5.36.0
5.36.1
5.36.2
5.36.3
5.36.4
5.36.5
5.36.6
5.36.7
5.36.8
5.37.0
5.37.1
5.38.0
5.39.0
5.39.1
5.39.2
5.39.3
5.39.4
5.39.5
5.39.6
5.40.0
5.40.1
5.40.2
5.41.0
5.41.1
5.41.2
5.41.3
5.42.0
5.42.1
5.42.2
5.43.0
5.43.1
5.43.2
5.43.3
5.44.0
5.45.0
5.45.1
5.46.0
5.46.1
5.47.0
5.47.1
5.47.2
5.48.0
5.48.1
5.48.2
5.49.0
5.49.1
5.49.2
5.50.3
5.51.0
5.52.0
5.52.1
5.54.0
5.55.0
5.55.1
5.55.2
6.*
6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.1.0
6.1.1
6.1.2
6.2.0
6.2.1
6.2.2
6.3.0
6.3.1
6.3.2
6.3.3
6.3.4
6.3.5
7.*
7.0.0
7.0.1
7.0.2
7.0.3
7.0.4
7.1.0
7.1.1
7.1.2