CVE-2025-43768 | Liferay Portal/DXP JSONWS API insertion of sensitive information into sent data

Inserito da Angelo Barbosa | Ago 23, 2025 | CVE

A vulnerability was found in Liferay Portal and DXP and classified as problematic. The affected element is an unknown function of the component JSONWS API. Such manipulation leads to insertion of sensitive information into sent data.

This vulnerability is documented as CVE-2025-43768. The attack can be executed remotely. There is not any exploit available.

CVE-2025-43768 | Liferay Portal/DXP JSONWS API insertion of sensitive information into sent data

Post correlati

CVE-2025-7864 | thinkgem JeeSite up to 5.12.0 FileUploadController.java upload unrestricted upload (Issue 31)

CVE-2023-51257 | jasper 4.1.2 JPC Encoder memory corruption

CVE-2022-49444 | Linux Kernel up to 5.15.53/5.17.13/5.18.2 secstrings memory corruption

CVE-2024-7992 | Autodesk AutoCAD 2025 DWG File stack-based overflow