CVE-2025-43732 | Liferay Portal/DXP groupId authorization

Inserito da Angelo Barbosa | Ago 18, 2025 | CVE

A vulnerability classified as problematic was found in Liferay Portal and DXP. Impacted is the function _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId. Executing manipulation of the argument groupId can lead to authorization bypass.

This vulnerability is handled as CVE-2025-43732. The attack can be executed remotely. There is not any exploit available.

CVE-2025-43732 | Liferay Portal/DXP groupId authorization

Post correlati

CVE-2024-39312 | randombit botan up to 2.19.4/3.4.x x.509 Certificate certificate validation

CVE-2025-0239 | Mozilla Firefox up to 133.x ALPN certificate validation

CVE-2025-9361 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 ipRangeBlockManageRule stack-based overflow

CVE-2025-1156 | Pix Software Vivaz 6.0.10 /servlet?act=login usuario sql injection