An Insecure direct object reference (IDOR) vulnerability in the Dynamic Data Mapping module in Liferay Portal 7.3.2 through 7.4.3.4, and Liferay DXP 7.3 before update 4, and 7.4 GA allows remote authenticated users to view and access form entries via the `formInstanceRecordId` parameter.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2022-11-15T00:00:00
Updated: 2024-08-03T13:03:45.442Z
Reserved: 2022-10-03T00:00:00
Link: CVE-2022-42129

No data.

Status : Modified
Published: 2022-11-15T02:15:11.590
Modified: 2024-11-21T07:24:25.490
Link: CVE-2022-42129

No data.