{"vulnerability": "CVE-2022-38512", "sightings": [{"uuid": "32b9906b-08f0-413a-9dc3-4362bd69596a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38512", "type": "seen", "source": "https://t.me/cibsecurity/50258", "content": "\u203c CVE-2022-38512 \u203c\n\nThe Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, and Liferay DXP 7.4 update 8 through 36 does not check permissions before allowing a user to export a web content for translation, allowing attackers to download a web content page's XLIFF translation file via crafted URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T07:11:56.000000Z"}]}