CVE-2025-43827 | Liferay Portal/DXP authorization

September 30, 2025 Yanac

A vulnerability has been found in Liferay Portal and DXP and classified as problematic. Impacted is an unknown function. The manipulation of the argument _com_liferay_portal_security_audit_web_portlet_AuditPortlet_auditEventId leads to authorization bypass.

This vulnerability is documented as CVE-2025-43827. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-23292 | NVIDIA License System Delegated Licensing Service data query logic injection
CVE-2025-23293 | NVIDIA License System Delegated Licensing Service missing authentication