CVE-2025-3594 | Liferay Portal/DXP Xuggler path traversal

A vulnerability was found in Liferay Portal and DXP. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component Xuggler. The manipulation of the argument _com_liferay_server_admin_web_portlet_ServerAdminPortlet_jarName leads to path traversal.

This vulnerability is known as CVE-2025-3594. The attack can be launched remotely. There is no exploit available.VulDB Recent EntriesRead More