A vulnerability, which was classified as problematic, has been found in Liferay Portal and DXP. This affects an unknown part of the component Commerce View Order Page. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is listed as CVE-2025-62237. The attack may be initiated remotely. There is no available exploit.