Search Results

All Results 55
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
Are URLs that display/download Liferay JS information a vulnerability?
legacy
Issue Some monitoring tools may identify certain URLs that are accessible during routine scans that should not have allowed access. Among the URLs that are typically detected are URLs that can download Liferay's JS...
Folder naming rules for Web content, documents and media
legacy
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us. Issue...
Deploying to an Existing Build via CLI Tool
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue The user wants to know if it is possible to deploy to an...
How to store and view what users selected for the Cookie Consent banner?
legacy
Issue We have enabled Liferay's cookie consent banner for our site. Could you please guide us on where to locate the log of cookies accepted by our site visitors? As a point of reference, here is an example of how the...
Blocking requests before reaching the WebServer on Liferay PaaS (Public Cluster)
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue We have encountered requests from unauthenticated...
Enable Masking on Personal Information Data in Liferay PaaS
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue We have a requirement to mask the PI (Personal...
Version not available on CDN in the product_info.json
legacy
Issue Liferay version is not available on https://releases-cdn.liferay.com/tools/workspace/.product_info.json. Environment DXP 7.3-u36+ 2023 Q4.x+ Resolution Since the introduction of the Quarterly Releases, it was...
Missing Folder Hierarchy in Related Assets Selection for Web Content
legacy
Issue Currently, it's only possible to find and select related files in a Web Content by searching by name. This becomes impractical when dealing with thousand of files that don't have semantic names but are...
SearchBarPortlet on private page
legacy
Issue We use SearchBarPortlet in our public and private appearance themes. Also, we have configured as 'destination', a results page with '/search-results' as friendlyURL. This page exists as public and private....
When trying to access a user's private page, a "404 Page Not Found" populates instead of the Login prompt
legacy
Issue When trying to access a user's private page, we are transferred to a "404 Page Not Found" error page instead of the Login page that we were expecting.  Environment DXP 7.4 Quarterly Release Resolution Not being...
What is the user password algorithm and format of the stored passwords?
legacy
Issue We would like to understand the formatting of passwords as they're saved in Liferay. What algorithm, salt, and hash format is being used to store passwords?  Environment DXP 7.1 Resolution Example Password:...
Accessibility: Success Criterion 4.1.1 Parsing (WCAG 2.1)
legacy
Issue The tool https://validator.w3.org shows accessibility issues related to success criterion 4.1.1 Parsing. Environment 2024.q1 Resolution Since WCAG 2.2, success criterion 4.1.1 Parsing is considered...
Service Organization Control (SOC) -1 Type 2 report
legacy
Issue Service Organization Control (SOC) -1 Type 2 report for auditing purposes. Environment Liferay DXP Resolution The SOC-1 report focuses on financial controls and their evaluation and this reporting is not...
Time format displayed in AM/PM format instead of 24 hour
legacy
Issue Liferay displays Time format differently on the site's time picker than on the OS. Environment DXP 7.4 + Resolution This behavior is due to the changes of LPS-169277 where the old time picker has been replaced by...
Is Liferay 7.4 vulnerable to CVE-2024-25148?
legacy
Issue We've reviewed the official documentation (https://nvd.nist.gov/vuln/search/results) which lists some Liferay versions affected, so we would like to know if the 7.4 versions is vulnerable to this CVE....
What MySQL version is supported in Liferay Cloud?
legacy
Issue User wishes to know which MySQL version is supported in Liferay Cloud.   Environment Liferay Cloud Resolution Currently MySQL 5.7 is supported in Liferay Cloud. Additional Information MySQL  ,...
Liferay's OpenID Connect implementation does not account for language variations for ui_locales
legacy
Issue Liferay's OpenID Connect implementation does not account for language variations for ui_locales. For example, Selecting English (United States) on Liferay sets ui_locales to en. Selecting Chinese (either Traditional...
A blank SAML redirect screen is seen even with redirect message disabled
legacy
Issue A blank intermediary page (showing "Please select your identity provider" title and /portal/c/portal/login?redirect=%2Fportal%2F&refererPlid=[sanitized]&p_l_id=[sanitized] URL) is being seen even with the hotfix...
Files uploaded with Guest view permission - Forms Upload field
legacy
Issue When a document is added in the Form Upload field it will have 'Guest view' permission. When a document is added directly in the Document and Media library it will NOT have 'Guest view' permission. Is there a...
Security Issue: CVE-2024-28752 - Apache CXF
legacy
Issue Security vulnerability CVE-2024-28752 details a SSRF vulnerability with the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3, and 3.5.8, which would allow an attacker to perform SSRF style attacks...