Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0954
Vulnerability from certfr_avis - Published: 2025-11-03 - Updated: 2025-11-14
De multiples vulnérabilités ont été découvertes dans Liferay. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Liferay DXP versions 2023.Q3.x et 2023.Q4.x ant\u00e9rieures \u00e0 2024.Q1.1",
"product": {
"name": "DXP",
"vendor": {
"name": "Liferay",
"scada": false
}
}
},
{
"description": "Liferay Portal versions 7.4.x ant\u00e9rieures \u00e0 7.4.3.112",
"product": {
"name": "Portal",
"vendor": {
"name": "Liferay",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-43818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43818"
},
{
"name": "CVE-2025-43762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43762"
},
{
"name": "CVE-2025-43749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43749"
},
{
"name": "CVE-2024-26266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26266"
},
{
"name": "CVE-2024-25151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25151"
},
{
"name": "CVE-2023-40191",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40191"
},
{
"name": "CVE-2025-43748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43748"
},
{
"name": "CVE-2025-43829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43829"
},
{
"name": "CVE-2025-43813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43813"
},
{
"name": "CVE-2024-25609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25609"
},
{
"name": "CVE-2024-26267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26267"
},
{
"name": "CVE-2023-42498",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42498"
},
{
"name": "CVE-2025-62242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62242"
},
{
"name": "CVE-2025-43769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43769"
},
{
"name": "CVE-2025-43751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43751"
},
{
"name": "CVE-2025-62252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62252"
},
{
"name": "CVE-2025-62250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62250"
},
{
"name": "CVE-2023-44308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44308"
},
{
"name": "CVE-2025-62247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62247"
},
{
"name": "CVE-2023-5190",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5190"
},
{
"name": "CVE-2025-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43820"
},
{
"name": "CVE-2025-62259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62259"
},
{
"name": "CVE-2024-25607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25607"
},
{
"name": "CVE-2025-43807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43807"
},
{
"name": "CVE-2024-26269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26269"
},
{
"name": "CVE-2025-43758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43758"
},
{
"name": "CVE-2021-29038",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29038"
},
{
"name": "CVE-2024-26268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26268"
},
{
"name": "CVE-2023-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37940"
},
{
"name": "CVE-2025-62245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62245"
},
{
"name": "CVE-2025-43765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43765"
},
{
"name": "CVE-2025-3586",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3586"
},
{
"name": "CVE-2025-62267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62267"
},
{
"name": "CVE-2025-43811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43811"
},
{
"name": "CVE-2023-42496",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42496"
},
{
"name": "CVE-2025-43808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43808"
},
{
"name": "CVE-2025-62239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62239"
},
{
"name": "CVE-2025-43830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43830"
},
{
"name": "CVE-2024-25150",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25150"
},
{
"name": "CVE-2023-47798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47798"
},
{
"name": "CVE-2025-43779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43779"
},
{
"name": "CVE-2025-62246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62246"
},
{
"name": "CVE-2025-43772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43772"
},
{
"name": "CVE-2025-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43826"
},
{
"name": "CVE-2025-62237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62237"
},
{
"name": "CVE-2025-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43817"
},
{
"name": "CVE-2025-62275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62275"
},
{
"name": "CVE-2023-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3426"
},
{
"name": "CVE-2025-62251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62251"
},
{
"name": "CVE-2024-25605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25605"
},
{
"name": "CVE-2024-25603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25603"
},
{
"name": "CVE-2023-47795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47795"
},
{
"name": "CVE-2025-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43799"
},
{
"name": "CVE-2025-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43802"
},
{
"name": "CVE-2025-43782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43782"
},
{
"name": "CVE-2025-62264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62264"
},
{
"name": "CVE-2024-25149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25149"
},
{
"name": "CVE-2025-62265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62265"
},
{
"name": "CVE-2025-43764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43764"
},
{
"name": "CVE-2025-43771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43771"
},
{
"name": "CVE-2024-25606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25606"
},
{
"name": "CVE-2024-25608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25608"
},
{
"name": "CVE-2025-43761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43761"
},
{
"name": "CVE-2025-43803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43803"
},
{
"name": "CVE-2025-43823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43823"
},
{
"name": "CVE-2022-45320",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45320"
},
{
"name": "CVE-2021-29050",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29050"
},
{
"name": "CVE-2024-25602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25602"
},
{
"name": "CVE-2024-25152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25152"
},
{
"name": "CVE-2025-43815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43815"
},
{
"name": "CVE-2025-43770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43770"
},
{
"name": "CVE-2025-62238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62238"
},
{
"name": "CVE-2025-43754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43754"
},
{
"name": "CVE-2025-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43786"
},
{
"name": "CVE-2024-11993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11993"
},
{
"name": "CVE-2025-62241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62241"
},
{
"name": "CVE-2025-62253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62253"
},
{
"name": "CVE-2025-43812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43812"
},
{
"name": "CVE-2025-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43750"
},
{
"name": "CVE-2024-25601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25601"
},
{
"name": "CVE-2024-25610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25610"
},
{
"name": "CVE-2025-43821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43821"
},
{
"name": "CVE-2024-25604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25604"
},
{
"name": "CVE-2025-62248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62248"
},
{
"name": "CVE-2025-43822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43822"
},
{
"name": "CVE-2025-62276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62276"
},
{
"name": "CVE-2025-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43788"
},
{
"name": "CVE-2025-43766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43766"
},
{
"name": "CVE-2025-43781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43781"
},
{
"name": "CVE-2025-43824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43824"
},
{
"name": "CVE-2025-62249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62249"
},
{
"name": "CVE-2025-43789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43789"
},
{
"name": "CVE-2025-62243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62243"
},
{
"name": "CVE-2023-47797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47797"
},
{
"name": "CVE-2025-43759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43759"
},
{
"name": "CVE-2025-43827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43827"
},
{
"name": "CVE-2024-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25147"
},
{
"name": "CVE-2025-43767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43767"
},
{
"name": "CVE-2025-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43790"
},
{
"name": "CVE-2025-62240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62240"
},
{
"name": "CVE-2024-26270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26270"
},
{
"name": "CVE-2025-43810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43810"
},
{
"name": "CVE-2025-43795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43795"
},
{
"name": "CVE-2024-26265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26265"
},
{
"name": "CVE-2025-43768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43768"
},
{
"name": "CVE-2025-43775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43775"
},
{
"name": "CVE-2025-62244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62244"
}
],
"initial_release_date": "2025-11-03T00:00:00",
"last_revision_date": "2025-11-14T00:00:00",
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 de Liferay",
"url": "https://liferay.dev/portal/security/known-vulnerabilities"
}
],
"reference": "CERTFR-2025-AVI-0954",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-03T00:00:00.000000"
},
{
"description": "R\u00e9gularisation des identifiants CVE pr\u00e9sents sur le site de l\u0027\u00e9diteur.",
"revision_date": "2025-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Liferay. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Liferay",
"vendor_advisories": [
{
"published_at": "2025-11-01",
"title": "Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62275-1",
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62275-1"
},
{
"published_at": "2025-10-31",
"title": "Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62276",
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62276"
},
{
"published_at": "2025-10-31",
"title": "Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62264",
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62264"
},
{
"published_at": "2025-10-31",
"title": "Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62267",
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62267"
}
]
}
CVE-2025-43754 (GCVE-0-2025-43754)
Vulnerability from cvelistv5 – Published: 2025-08-21 17:10 – Updated: 2025-08-21 20:01
VLAI
EPSS
Summary
Username enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows attackers to determine if an account exist in the application by inspecting the server processing time of the login request.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
References
1 reference
Impacted products
2 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-21T20:01:22.248023Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T20:01:35.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.132",
"status": "affected",
"version": "7.4.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.14",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2023.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q4.7",
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Username enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows attackers to determine if an account exist in the application by inspecting the server processing time of the login request."
}
],
"value": "Username enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows attackers to determine if an account exist in the application by inspecting the server processing time of the login request."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208 Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T17:10:45.305Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43754"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43754",
"datePublished": "2025-08-21T17:10:45.305Z",
"dateReserved": "2025-04-17T10:55:24.865Z",
"dateUpdated": "2025-08-21T20:01:35.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43758 (GCVE-0-2025-43758)
Vulnerability from cvelistv5 – Published: 2025-08-22 18:18 – Updated: 2025-08-22 18:49
VLAI
EPSS
Summary
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded by object entry and stored in document_library
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Liferay | Portal |
Affected:
7.4.0 , ≤ 7.4.3.132
(maven)
|
|
| Liferay | DXP |
Affected:
7.4.13 , ≤ 7.4.13-u92
(maven)
Affected: 2024.Q1.1 , ≤ 2024.Q1.15 (maven) Affected: 2024.Q2.0 , ≤ 2023.Q2.13 (maven) Affected: 2024.Q3.1 , ≤ 2024.Q3.13 (maven) Affected: 2024.Q4.0 , ≤ 2024.Q4.7 (maven) Affected: 2025.Q1.0 , ≤ 2025.Q1.5 (maven) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-22T18:48:54.535226Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T18:49:22.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.132",
"status": "affected",
"version": "7.4.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.15",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2023.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q4.7",
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2025.Q1.5",
"status": "affected",
"version": "2025.Q1.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded by object entry and stored in document_library"
}
],
"value": "Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded by object entry and stored in document_library"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T18:18:59.630Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43758"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43758",
"datePublished": "2025-08-22T18:18:59.630Z",
"dateReserved": "2025-04-17T10:55:24.866Z",
"dateUpdated": "2025-08-22T18:49:22.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43759 (GCVE-0-2025-43759)
Vulnerability from cvelistv5 – Published: 2025-08-22 19:07 – Updated: 2025-08-26 14:06
VLAI
EPSS
Summary
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows admin users of a virtual instance to add pages that are not in the default/main virtual instance, then any tenant can create a list of all other tenants.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Liferay | Portal |
Affected:
7.4.0 , ≤ 7.4.3.132
(maven)
|
|
| Liferay | DXP |
Affected:
7.4.13 , ≤ 7.4.13-u92
(maven)
Affected: 2024.Q1.1 , ≤ 2024.Q1.14 (maven) Affected: 2024.Q2.0 , ≤ 2023.Q2.13 (maven) Affected: 2024.Q3.1 , ≤ 2024.Q3.13 (maven) Affected: 2024.Q4.0 , ≤ 2024.Q4.7 (maven) Affected: 2025.Q1.0 , ≤ 2025.Q1.1 (maven) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-26T13:07:55.760633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T14:06:50.622Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.132",
"status": "affected",
"version": "7.4.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.14",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2023.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q4.7",
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2025.Q1.1",
"status": "affected",
"version": "2025.Q1.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows admin users of a virtual instance to add pages that are not in the default/main virtual instance, then any tenant can create a list of all other tenants."
}
],
"value": "Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows admin users of a virtual instance to add pages that are not in the default/main virtual instance, then any tenant can create a list of all other tenants."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T19:07:09.852Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43759"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43759",
"datePublished": "2025-08-22T19:07:09.852Z",
"dateReserved": "2025-04-17T10:55:24.866Z",
"dateUpdated": "2025-08-26T14:06:50.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43761 (GCVE-0-2025-43761)
Vulnerability from cvelistv5 – Published: 2025-08-22 20:25 – Updated: 2025-08-22 20:48
VLAI
EPSS
Summary
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the frontend-editor-ckeditor-web/ckeditor/samples/old/ajax.html path
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
2 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43761",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-22T20:47:56.981547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T20:48:59.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.131",
"status": "affected",
"version": "7.4.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.12",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2023.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q4.4",
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the frontend-editor-ckeditor-web/ckeditor/samples/old/ajax.html path"
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the frontend-editor-ckeditor-web/ckeditor/samples/old/ajax.html path"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T20:25:46.187Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43761"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43761",
"datePublished": "2025-08-22T20:25:46.187Z",
"dateReserved": "2025-04-17T10:55:26.803Z",
"dateUpdated": "2025-08-22T20:48:59.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43762 (GCVE-0-2025-43762)
Vulnerability from cvelistv5 – Published: 2025-08-22 18:43 – Updated: 2025-08-22 19:03
VLAI
EPSS
Summary
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the forms, the files are stored in the document_library allowing an attacker to cause a potential DDoS.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Liferay | Portal |
Affected:
7.4.0 , ≤ 7.4.3.132
(maven)
|
|
| Liferay | DXP |
Affected:
7.4.13 , ≤ 7.4.13-u92
(maven)
Affected: 2024.Q1.1 , ≤ 2024.Q1.14 (maven) Affected: 2024.Q2.0 , ≤ 2023.Q2.13 (maven) Affected: 2024.Q3.1 , ≤ 2024.Q3.13 (maven) Affected: 2024.Q4.0 , ≤ 2024.Q4.7 (maven) Affected: 2025.Q1.0 , ≤ 2025.Q1.1 (maven) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-22T19:03:43.667673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T19:03:57.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.132",
"status": "affected",
"version": "7.4.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.14",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2023.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q4.7",
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2025.Q1.1",
"status": "affected",
"version": "2025.Q1.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the forms, the files are stored in the document_library allowing an attacker to cause a potential DDoS."
}
],
"value": "Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the forms, the files are stored in the document_library allowing an attacker to cause a potential DDoS."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T18:43:08.618Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43762"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43762",
"datePublished": "2025-08-22T18:43:08.618Z",
"dateReserved": "2025-04-17T10:55:26.803Z",
"dateUpdated": "2025-08-22T19:03:57.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43764 (GCVE-0-2025-43764)
Vulnerability from cvelistv5 – Published: 2025-08-23 04:49 – Updated: 2025-08-25 18:44
VLAI
EPSS
Summary
Self-ReDoS (Regular expression Denial of Service) exists with Role Name search field of Kaleo Designer portlet JavaScript in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.1, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92, which allows authenticated users with permissions to update Kaleo Workflows to enter a malicious Regex pattern causing their browser to hang for a very long time.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Liferay | Portal |
Affected:
7.4.3.0 , ≤ 7.4.3.131
(maven)
|
|
| Liferay | DXP |
Affected:
7.4.13 , ≤ 7.4.13-u92
(maven)
Affected: 2024.Q1.1 , ≤ 2024.Q1.20 (maven) Affected: 2024.Q2.1 , ≤ 2024.Q2.13 (maven) Affected: 2024.Q3.0 , ≤ 2024.Q3.13 (maven) Affected: 2024.Q4.0 , ≤ 2024.Q4.1 (maven) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-25T18:44:14.273754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T18:44:21.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.131",
"status": "affected",
"version": "7.4.3.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.20",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q2.13",
"status": "affected",
"version": "2024.Q2.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q4.1",
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Self-ReDoS (Regular expression Denial of Service) exists with Role Name search field of Kaleo Designer portlet JavaScript in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.1, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92, which allows authenticated users with permissions to update Kaleo Workflows to enter a malicious Regex pattern causing their browser to hang for a very long time."
}
],
"value": "Self-ReDoS (Regular expression Denial of Service) exists with Role Name search field of Kaleo Designer portlet JavaScript in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.1, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92, which allows authenticated users with permissions to update Kaleo Workflows to enter a malicious Regex pattern causing their browser to hang for a very long time."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333 Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-23T04:49:59.172Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43764"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43764",
"datePublished": "2025-08-23T04:49:59.172Z",
"dateReserved": "2025-04-17T10:55:26.804Z",
"dateUpdated": "2025-08-25T18:44:21.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43765 (GCVE-0-2025-43765)
Vulnerability from cvelistv5 – Published: 2025-08-23 04:32 – Updated: 2025-08-25 18:44
VLAI
EPSS
Summary
A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the text field from a web content.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-25T18:44:49.658309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T18:44:58.753Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.131",
"status": "affected",
"version": "7.4.3.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.13",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the text field from a web content."
}
],
"value": "A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the text field from a web content."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-23T04:32:39.432Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43765"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43765",
"datePublished": "2025-08-23T04:32:39.432Z",
"dateReserved": "2025-04-17T10:55:26.804Z",
"dateUpdated": "2025-08-25T18:44:58.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43766 (GCVE-0-2025-43766)
Vulnerability from cvelistv5 – Published: 2025-08-23 04:17 – Updated: 2025-08-25 17:46
VLAI
EPSS
Summary
The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows the upload of unrestricted files in the style books component that are processed within the environment enabling arbitrary code execution by attackers.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-25T17:44:37.518615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T17:46:32.324Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.131",
"status": "affected",
"version": "7.4.3.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.12",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows the upload of unrestricted files in the style books component that are processed within the environment enabling arbitrary code execution by attackers."
}
],
"value": "The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows the upload of unrestricted files in the style books component that are processed within the environment enabling arbitrary code execution by attackers."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-23T04:17:29.170Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43766"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43766",
"datePublished": "2025-08-23T04:17:29.170Z",
"dateReserved": "2025-04-17T10:55:26.804Z",
"dateUpdated": "2025-08-25T17:46:32.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43767 (GCVE-0-2025-43767)
Vulnerability from cvelistv5 – Published: 2025-08-23 03:41 – Updated: 2025-08-25 17:51
VLAI
EPSS
Summary
Open Redirect vulnerability in /c/portal/edit_info_item parameter redirect in Liferay Portal 7.4.3.86 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-25T17:49:54.496225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T17:51:01.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.131",
"status": "affected",
"version": "7.4.3.86",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13-u86",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.12",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.9",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Open Redirect vulnerability in /c/portal/edit_info_item parameter redirect in Liferay Portal 7.4.3.86 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site."
}
],
"value": "Open Redirect vulnerability in /c/portal/edit_info_item parameter redirect in Liferay Portal 7.4.3.86 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-23T03:41:34.635Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43767"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43767",
"datePublished": "2025-08-23T03:41:34.635Z",
"dateReserved": "2025-04-17T10:55:26.804Z",
"dateUpdated": "2025-08-25T17:51:01.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43768 (GCVE-0-2025-43768)
Vulnerability from cvelistv5 – Published: 2025-08-23 03:04 – Updated: 2025-08-25 17:55
VLAI
EPSS
Summary
Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows authenticated users without any permissions to access sensitive information of admin users using JSONWS APIs.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-201 - Insertion of Sensitive Information Into Sent Data
Assigner
References
1 reference
Impacted products
2 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-25T17:55:35.193091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T17:55:58.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.3.131",
"status": "affected",
"version": "7.4.0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.4.13-u92",
"status": "affected",
"version": "7.4.13",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q1.15",
"status": "affected",
"version": "2024.Q1.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q2.13",
"status": "affected",
"version": "2024.Q2.0",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q3.13",
"status": "affected",
"version": "2024.Q3.1",
"versionType": "maven"
},
{
"lessThanOrEqual": "2024.Q4.7",
"status": "affected",
"version": "2024.Q4.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows authenticated users without any permissions to access sensitive information of admin users using JSONWS APIs."
}
],
"value": "Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows authenticated users without any permissions to access sensitive information of admin users using JSONWS APIs."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-23T03:04:06.888Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43768"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2025-43768",
"datePublished": "2025-08-23T03:04:06.888Z",
"dateReserved": "2025-04-17T10:55:26.804Z",
"dateUpdated": "2025-08-25T17:55:58.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…