Search Results

All Results 57
Sort By
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
Liferay accepts only fully signed SAML responses. Can this requirement be turned off?
legacy
Issue From a security standpoint, it's a best practice to sign the Response. However, we can switch off this requirement in our other apps. I can understand that Liferay by default requires the complete signature of...
When editing the code editor in the dispatch details tab, is it possible to register in JSON format?
legacy
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us....
Is there any risk in the time zone change?
legacy
Issue We want to change the time Zone from GMT+2 to GMT+3. Does this change have any impact or risk on the production environment?   Environment Liferay DXP 7.2   Resolution Our suggestion is not to change...
Asset Publisher widget configuration saves by itself
legacy
Issue The Asset Publisher widget configuration saves itself when changing the Asset Selection Environment Liferay Portal EE 6.2 Liferay DXP 7.0+ Resolution  This is the expected behavior of the Asset Publisher...
To be able to generate a URL of a Publication so that a reviewer can see a publication without logging in
legacy
Issue Require a feature that allows to send a link to those who are not registered users on the platform in order for them to view a publication. Environment Liferay DXP [all versions] Resolution This requirement...
Is Liferay vulnerable to CVE-2023-40371 and CVE 2023-38408?
legacy
Issue Is Liferay vulnerable to any of these vulnerabilities? Environment DXP 6.2+ Resolution No, Liferay is not vulnerable to any of these two. Neither CVE relates to any Liferay features, so they do not...
Liferay Achieve (LAR) file size limit
legacy
Issue Is there a limit in the size of a LAR file? Environment Liferay Portal Liferay DXP Resolution Export: There is no real limit, how large a LAR file can be during exporting Import: The file size limit is...
"Forced" re-assignment of a Workflow task
legacy
Issue Is it possible to re-assign a Workflow task? Consider the following scenario: A user assigns a workflow task to themselves This user resigns/disappears/goes on holiday without processing the task at hand...
Image URLs in headless API responses include the port number
legacy
Issue While using the headless API, users can see the port with the source URL.  Environment Liferay DXP 7.4 Commerce 4.0 Resolution This is the expected behavior as Liferay is either serving the full URL,...
File size UI message with web content
legacy
Issue When creating web content and selecting an image, users need to choose the standard image size. Currently, while selecting an image, the image size is not displayed. Environment Liferay DXP [all version]...
Upload same document in multiple languages
legacy
Issue Can the same document be uploaded in multiple languages? Environment DXP 7.3 Resolution Liferay DXP does not currently support this function, but there is currently a feature request for it to be added...
Content Page History
legacy
Issue We wanted to check with Liferay support if there is any functionality for viewing content page history or to revert back to previous version? Environment DXP 7.3 Resolution Liferay DXP does not currently...
The edited value of a Field Reference is not saved in the database
legacy
Issue When you create a form and add, for example, a Text field and in its advanced settings you change the Field Reference field, after publising the form, you will expect to find that the new value of the...
The fields of the custom theme need to be re-filled
legacy
Issue When using the look-and-feel.xml file to create a custom theme in Liferay, users observe that when they update the theme and reapply it, the previously entered data in the custom theme fields is lost. This...
Is One Time Password's expiration configurable?
legacy
Issue When does One Time Password expire? Can you set the validity timeframe of the OTP? Environment DXP 7.2+ Resolution OTP is HTTP session based, if the session expires, OTP expires as well. And it can only be used...
Changing events to a past date
legacy
Issue Is it possible to edit expired events to change the date to past date? Environment All environments Resolution This is the expected behavior and the best practice that you can only set the expiry date to a...
Is it possible to customize user roles in our Liferay Cloud environment?
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue I would like to know how to set custom user roles for team...
HTML Injection in the Classic Search Portlet (Legacy)
legacy
Issue Our security tool identified HTML Injection issue. Reproduction Steps: 1. Start up Liferay DXP 7.4 Update 62 2. On the home page, add a widget "Search". 3. In the address bar, enter the URL...
Does Liferay support more than one SAML connection?
legacy
Issue Can Liferay connect to more than one Service or Identity Provider? Environment  DXP 7.0  DXP 7.1  DXP 7.2  DXP 7.3  DXP 7.4 Resolution Yes, Liferay does support more than one SAML or Identity Provider...
Does having a script in the Analytics section qualify as a potential XSS vulnerability?
legacy
Issue We can put Javascript code in the Matomo (DXP 7.4) or Piwiki (DXP 7.0-7.3) field where the code can be executed on every other page Go to a Site's Configuration -> Site Settings -> Analytics Under the...
Unable to delete all public pages in the default site 'Guest'
legacy
Issue When I try to remove the last public page in 'Guest' site, the 'Delete' option is missing from the Options Menu. It is not possible to revoke View permission for Guest users either because the option appears...
Can we configure an internal email address to receive a copy of all Email Verification messages?
legacy
Issue The Email Verification Notification message is sent to new Users when asked to verify their Email Address. We would like to set up an internal email address, which would be added as a BCC on all Verification...
Set expiration on password reset URL for new accounts
legacy
Issue When a new user is created, the password set URL is sent to the new users' email but it doesn't has expiration.  Currently, reset password links can be set to expire with the following portal...
Issues with Form "Export"
legacy
Issue After one (or more) update of a specific form, the "Export" feature is not always able to export all the previously submitted data Environment Liferay DXP 7.3 Liferay DXP 7.4 Resolution Liferay UI prompts...
How to calculate the correct setting for discovery.zen.minimum_master_nodes?
legacy
Issue What is the best value for thediscovery.zen.minimum_master_nodes property in 3 nodes clustered elastic search environment? Is my calculation correct? My calculation is below for 3 nodes: 3/2 + 1 = 1.5 + 1 = 2.5...
Security configuration related to session management
legacy
Issue There are some security configuration requirement regarding session management. Environment Liferay DXP 7.4 Resolution Application uses the 'referrer' header as a supplemental check only, and not just for any...
Unable to edit react fargment
legacy
Issue The user has created and uploaded a react fragment, but is unable to edit the same. Environment Liferay DXP 7.3 Liferay DXP 7.4 Resolution This is an intended behavior of the Liferay, to avoid bad experiences...
Client's public IP is visible in source code
legacy
Issue User is able to see their own public IP while checking the source code of a page on the Liferay portal. Environment Liferay DXP 7.3 Liferay DXP 7.4 Resolution The public IP is visible through the...
Where are comments entered by other users when assigning, approving, or rejecting workflow tasks managed?
legacy
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us....
Can I select mutiple images when inserting image in the Web Content
legacy
Issue Can I select multiple images for insertion in html field/rich text field in the Web Content? Environment Liferay DXP 7.1 Liferay DXP 7.4 Resolution The inline editor (Alloy Editor, CKEditor) will insert the image...
How do Segments sync between Liferay and Analytics Cloud?
legacy
Issue We created a segment in Liferay but it has not synced yet. How can we sync it to Analytics Cloud? Environment Analytics Cloud DXP 7.3+ Resolution The sync only happens one way: from Analytics Cloud to Liferay. So...
Security Issue: Admin URL is exposed in the Guest view of the Home page
legacy
Issue The line below can be found on pages where guest users should not see confidential data. getSiteAdminURL: function() { return...
sr-only elements
legacy
Issue class="sr-only" elements can be observed in the HTML of my pages. Environment Liferay DXP 7.3+ Resolution Does not need to be removed and it is not malicious. It is implemented by the changes made on LPS-118487...
Maximum Number of Organizations that can be created in one Liferay instance
legacy
Issue We would like to know the maximum number of Organizations that can be created in one Liferay instance. Could you please let us know if there is a limit to this? Environment DXP 7.0+ Resolution There is no...
Modified by field shows the anonymized user as the modifier after its deletion
legacy
Issue If we create an asset, e.g. a document with a user, who we delete afterward and anonymize the assets it created, then the Modified by field shows that user as the modifier even if we anonymized that...
SQL injection Sleepy user agent attack
legacy
Issue Liferay does not restrict a URL that has a 'sleepy user agent' query appended to it like: https://domain/page?1%2b(select*from(select(sleep(x)))a)%2b=1 Environment Liferay DXP 7.4 Resolution Sleepy user agent...
Editing or adding a document through D&M widget will redirect to DLAdminPortlet
legacy
Issue Add Documents and Media widget on a page Open the widget's configuration and activate "Show Actions" Click on "+" and upload a file (alternatively, edit a file) Result: The view will not open within the...
Existing role was updated/replaced by the role imported from lar
legacy
Issue Steps: Export a regular role from instance A and import it to instance B. Modify the name of the regular role on instance B. Exported the regular role from instance B and imported it to instance A. Expected result:...
lastLoginDate values are not correct in User_ table
legacy
Issue It’s noted that the last login date details are not correct in User_ table. The understanding is that lastLoginDate values should reflect those seen in the loginDate column. Environment DXP 7.3   DXP 7.4...
How to identify live publication records of Staging that were made in my environment?
legacy
Issue In addition to the path Admin Menu > Publishing > Staging, is there any way to identify all Staging > Live publication records that were made in my environment?   Environment Liferay DXP 7.0.X - 7.4.X  ...