Search Results

When using the AIX operating system with Liferay Portal 6.1, a license may fail to deploy, giving the output: License is in use by another instance. Resolution This license issue is due to a known issue with AIX, in which neither ipconfig nor ifconfig will return the mac address for the...

This article documents a known behavior where Message Boards' CKEditor—when configured to HTML—will have text stripped from hyperlinks after a post. This is usually observed after setting the protocol to Other. Resolution This behavior is expected under Liferay DXP's Antisamy...

When searching, guest users are able to see highlighted folders, categories, and threads when they have no permission to view them. Resolution During search, Liferay runs a permission check on each of the results to see if the user that is searching has rights to view the result in...

Activation Key deployment for Liferay Portal versions 5.2.9 (Service Pack 5) to 6.0.x is different from key deployment for Liferay versions 5.2 SP4 and earlier. Activation keys are no longer generated based off the Server ID. Instead, you'll need an .xml key file. This file will be...

CVE-2018-3831 reports that, "Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such...

This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. In older versions of Liferay Portal (e.g. 5.1.x, 5.2 EE SP3), by default, Liferay will import all user groups a...

The following Common Vulnerabilities and Exposures (CVE) have been reported for Apache Struts 2: CVE-2017-9805 CVE-2017-12611 CVE-2018-1327 - REST XStream FreeMarker CVE-2018-11776 How are Liferay DXP (both 7.0 and 7.1) and Liferay Portal affected by the Apache Struts 2 Vulnerability?...

This article documents Liferay's position regarding the Session Identifier (JSESSIONID), including how and why a new JSESSIONID is generated.  Resolution Customers doing their own security scan of the Liferay platform might have noticed that a new JSESSIONID may have been generated....

This article documents a known issue where refreshing the CAPTCHA image causes a Java NullPointerException (NPE) to be triggered. Please note that the CAPTCHA image will still be refreshed. Steps to Reproduce Start the Liferay Digital Enterprise 7.0 platform. Click the Sign In link at...

Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products. Any implementation of these principles is the responsibility of the subscriber. This article contains a...

This article documents an issue that has been reported by some users working on Liferay Digital Experience Platform (DXP). It is a cookies issue that has been reported, and the issue arises when using certain versions of Internet Explorer behind a two-character domain...

This article serves as a reference guide on how to use the getOriginalServletRequest function to get the default queryString when using the OSGi framework. Developers familiar with Liferay Portal 6.2 EE and now using DXP 7.0 (also 7.1, 7.2 or 7.3) will find that certain requests are now...

When deploying Liferay DXP 7.0 Fix Pack 24, 25, 26 or 27, the WeDeploy Auth Admin portlet will appear in the Control Panel. WeDeploy is currently a beta product. The addition of this portlet will have no impact or security risk.  Installing an affected fix pack will result in the...

This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. Security-hotfix-11-6012, which is available for Liferay Portal 6.0 EE SP2, is preventing embedded portlets from...

In Liferay Portal 6.0 EE SP2, a new Creole parser for the Wiki portlet has been implemented and changed how links are parsed. For example, previously in 6.0 EE SP1, links using single brackets like "[ ]" will redirect the user to a new Wiki page. In 6.0 EE SP2 and newer versions, links...

For customers working on Liferay DXP 7.1, the following table has been formed to serve you and provide current information regarding known issues that have been discovered, reported, or resolved. Please be sure to check the linked LPS ticket for more information on an issue. We also...

For customers working on Liferay DXP 7.0, the following table has been formed to serve you and provide current information regarding known issues that have been discovered, reported, or resolved. Please be sure to check the linked LPS ticket for more information on an issue. We also...

This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. When a session of Liferay times-out, an Invalid Authentication error is displayed. When the error is displayed, it...

This article highlights several changes to front-end tools and features with User Interface for Liferay DXP 7.0. Resolution Here are some highlighted changes followed by brief explanations of new projects: Modularization; css and javascript files can be moved with modified file...

This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. While using Internet Explorer 8 Compatibility mode, some of the CKEditor tool bar options are missing and thus...