CVE-2025-62248 | Liferay Portal/DXP cross site scripting

Inserito da Angelo Barbosa | Ott 23, 2025 | CVE

A vulnerability was found in Liferay Portal and DXP. It has been declared as problematic. Affected is an unknown function. Such manipulation of the argument _com_liferay_dynamic_data_mapping_web_portlet_DDMPortlet_definition leads to cross site scripting.

This vulnerability is documented as CVE-2025-62248. The attack can be executed remotely. There is not any exploit available.

CVE-2025-62248 | Liferay Portal/DXP cross site scripting

Post correlati

CVE-2023-52354 | chasquid up to 1.12 SMTP injection

CVE-2020-36769 | kevinlangleyjr Widget Settings Importer-Exporter Plugin up to 1.5.3 on WordPress wp_ajax_import_widget_dataparameter cross site scripting

CVE-2024-7827 | Shopping Cart & eCommerce Store Plugin up to 5.7.2 on WordPress model_number sql injection

CVE-2024-6560 | Addonify Plugin up to 1.2.16 on WordPress information disclosure