CVE-2019-16891: Liferay Portal Allows RCE via Deserialization of a JSON Payload

Severity: Critical

CVSS Score: 9.8

Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.