CVE-2025-43774 | Liferay Portal/DXP Style Book Theme Name cross site scripting

Inserito da Angelo Barbosa | Set 9, 2025 | CVE

A vulnerability marked as problematic has been reported in Liferay Portal and DXP. Affected by this issue is some unknown functionality of the component Style Book Theme Name Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-43774. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-43774 | Liferay Portal/DXP Style Book Theme Name cross site scripting

Post correlati

CVE-2024-5037 | Red Hat Logging Subsystem for OpenShift Issue Checking authentication spoofing

CVE-2024-28891 | Delta Electronics DIAEnergie up to 1.10.00.4 Handler_CFG.ashx sql injection (icsa-24-074-12)

CVE-2025-38157 | Linux Kernel up to 6.15.2 ath9k_htc_swba out-of-bounds

CVE-2023-32888 | MediaTek MT6990 Modem IMS Call UA denial of service (MOLY01161830)