Liferay DXP Vulnerability - CVE-2020-15840
In Liferay Portal before 7.3.1 Liferay Portal 6.2 EE and Liferay DXP 7.2 DXP 7.1 and DXP 7.0 the property 39portlet.resource.id.banned.paths.regexp39 can be bypassed with doubled encoded URLs.
In Liferay Portal before 7.3.1 Liferay Portal 6.2 EE and Liferay DXP 7.2 DXP 7.1 and DXP 7.0 the property 39portlet.resource.id.banned.paths.regexp39 can be bypassed with doubled encoded URLs.