Liferay DXP Vulnerability - CVE-2020-15840 - Vulnerability Database

Liferay DXP Vulnerability - CVE-2020-15840

Medium
Reference: CVE-2020-15840
Title: Liferay DXP Vulnerability
Overview:

In Liferay Portal before 7.3.1 Liferay Portal 6.2 EE and Liferay DXP 7.2 DXP 7.1 and DXP 7.0 the property 39portlet.resource.id.banned.paths.regexp39 can be bypassed with doubled encoded URLs.