CVE-2025-43732 | Liferay Portal/DXP groupId authorization

Inserito da Angelo Barbosa | Ago 18, 2025 | CVE

A vulnerability classified as problematic was found in Liferay Portal and DXP. Impacted is the function _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId. Executing manipulation of the argument groupId can lead to authorization bypass.

This vulnerability is handled as CVE-2025-43732. The attack can be executed remotely. There is not any exploit available.

CVE-2025-43732 | Liferay Portal/DXP groupId authorization

Post correlati

CVE-2024-43661 | Iocharger prior 24120701 stack-based overflow (DIVD-2024-00035)

CVE-2025-20978 | Samsung PENUP 3.8.00.18 access control

CVE-2024-49616 | Nyasro Rate Own Post Plugin up to 1.0 on WordPress sql injection

CVE-2022-48843 | Linux Kernel up to 5.4.185/5.10.106/5.15.29/5.16.15 vrr null pointer dereference