Red Hat · Jboss Enterprise Portal Platform · CVE-2013-0314
**Name of the Vulnerable Software and Affected Versions**
JBoss Enterprise Portal Platform version 5.2.2
**Description**
The issue concerns the GateIn Portal export/import gadget, which fails to properly check authentication when importing Zip files. This allows remote attackers to modify site contents, remove the site, or alter the access controls for portlets.
**Recommendations**
For JBoss Enterprise Portal Platform version 5.2.2, consider restricting access to the import functionality of the GateIn Portal export/import gadget until a proper fix is available, to minimize the risk of unauthorized modifications to site contents or access controls.