Nguyen Jang

**Name of the Vulnerable Software and Affected Versions** Liferay Portal CE version 6.2.5 **Description** The issue allows remote command execution due to deserialization of a JSON payload. **Recommendations** For Liferay Portal CE version 6.2.5, update to a version that includes a fix for this issue, as deserialization of JSON payloads can lead to remote command execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.