Description
Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.
Remediation
References
Related Vulnerabilities
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2019-14887)
WordPress Plugin Advanced XML Reader XML External Entity Information Disclosure (0.3.4)
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19595)
Oracle Database Server CVE-2011-0792 Vulnerability (CVE-2011-0792)