CVE-2025-43823 | Liferay Portal/DXP Search Result Widget Commerce Product Name cross site scripting

A vulnerability identified as problematic has been detected in Liferay Portal and DXP. This impacts an unknown function of the component Search Result Widget. Performing manipulation of the argument Commerce Product Name results in cross site scripting.

This vulnerability is reported as CVE-2025-43823. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More