A vulnerability classified as problematic was found in Liferay Portal and DXP. Impacted is the function
_com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId
. Executing manipulation of the argument groupId can lead to authorization bypass.
This vulnerability is handled as CVE-2025-43732. The attack can be executed remotely. There is not any exploit available.