CVE-2025-43810 | Liferay Portal/DXP authorization

A vulnerability, which was classified as problematic, was found in Liferay Portal and DXP. This affects an unknown function. Such manipulation of the argument _com_liferay_commerce_order_web_internal_portlet_CommerceOrderPortlet_commerceOrderId leads to authorization bypass.

This vulnerability is documented as CVE-2025-43810. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More