CVE-2021-29050

Published: Feb 20, 2024

Modified: Apr 24, 2025

PUBLISHED

Description

Cross-Site Request Forgery (CSRF) vulnerability in the terms of use page in Liferay Portal before 7.3.6, and Liferay DXP 7.3 before service pack 1, 7.2 before fix pack 11 allows remote attackers to accept the site's terms of use via social engineering and enticing the user to visit a malicious page.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-29050

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-29050

Description

Affected Products

References