post, attackers may be actively attempting to exploit Liferay Portal 6.2 EE and DXP through the vulnerabilities reported in 

LSV-412

  and 

This is a reminder alert regarding two security alerts previously released in 2018 December and 2019 October. As a result of a recent public LSV-545.

blog

 post, attackers may be actively attempting to exploit Liferay Portal 6.2 EE and DXP through the vulnerabilities reported inLiferay strongly recommends customers to review their Liferay Portal 6.2 EE and DXP environments immediately to make sure they are running on a patch level where these vulnerabilities are already fixed (see the fixed versions below).

Vulnerability

These vulnerabilities have already been addressed with the following security alerts:LSV-412

 and LSV-545.

Liferay strongly recommends customers to review their Liferay Portal 6.2 EE and DXP environments immediately to make sure they are running on a patch level where these vulnerabilities are already fixed (see the fixed versions below).

Vulnerability

These vulnerabilities have already been addressed with the following security alerts:

• LSV-412 (2018 December)
• LSV-545 (2019 October)

Security Level

Severity Level 1

Instructions

Please refer to the Help Center pages referenced above to learn more about each vulnerability and to get information about the patch availability. As a quick reference, we have provided a list of the versions and patch levels where these vulnerabilities are already fixed:

• Liferay Portal 6.2 EE Portal-171+
• Liferay DXP 7.0 Fix Pack 87+ or Service Pack 12+
• Liferay DXP 7.1 Fix Pack 15+ or Service Pack 3+
• Liferay DXP 7.2 Fix Pack 2+ or Service Pack 1+