Does CVE-2016-1000027 affect Liferay?


  • Security scan shows CVE-2016-1000027 as an active vulnerability, is Liferay affected?


  • DXP 7.4


  • CVE-2016-1000027 is known to us, and we can confirm that Liferay should not be vulnerable, as Liferay does not use the following components: HttpInvokerServiceExporter and readRemoteInvocation.
  • The vulnerability only exists if these endpoints are exposed to untrusted clients.
Este artigo foi útil?
Utilizadores que acharam útil: 1 de 1