https://vulnerability.circl.lu/sightings/feed 2026-05-05T02:34:40.714872+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/7d97fbf5-7e6e-47af-9bda-3391635e5622/export 2026-05-05T02:34:41.201209+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7d97fbf5-7e6e-47af-9bda-3391635e5622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33949", "type": "seen", "source": "https://t.me/cibsecurity/64701", "content": "\u203c CVE-2023-33949 \u203c\n\nIn Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property `company.security.strangers.verify` should be set to true.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-24T20:27:25.000000Z"} 2023-05-24T20:27:25+00:00