Maven/Com.liferay/Com.liferay.saml.impl | GitLab Advisory Database

Liferay Portal and DXP does not properly expire sessions

Liferay Portal/DXP contains an Insufficient Session Expiration issue where the Single Logout (SLO) API may fail to invalidate a user’s previous session. An attacker can reuse a stale session via the SLO endpoint to gain an authenticated context.

Advisories for Maven/Com.liferay/Com.liferay.saml.impl package