CVE-2025-43746 | Liferay Portal/DXP cross site scripting

Inserito da Angelo Barbosa | Ago 20, 2025 | CVE

A vulnerability was found in Liferay Portal and DXP. It has been rated as problematic. This vulnerability affects unknown code. The manipulation of the argument _com_Liferay_dynamic_data_mapping_web_portlet_DDMPortlet_portletNamespace/_com_Liferay_dynamic_data_mapping_web_portlet_DDMPortlet_namespace leads to cross site scripting.

This vulnerability is listed as CVE-2025-43746. The attack may be initiated remotely. There is no available exploit.

CVE-2025-43746 | Liferay Portal/DXP cross site scripting

Post correlati

CVE-2024-13689 | undsgn Uncode Core Plugin up to 2.9.1.6 on WordPress Shortcode code injection

CVE-2023-7078 | Cloudflare miniflare prior 3.20231030.2 HTTP Request server-side request forgery

CVE-2024-20738 | Adobe FrameMaker Publishing Server up to 2022 Update 1 improper authentication (apsb24-10)

CVE-2025-0357 | Iqonic Design WPBookit Plugin up to 1.6.9 on WordPress handle_image_upload unrestricted upload