CVE-2025-43806 | Liferay Portal/DXP REST API authorization

September 23, 2025 Yanac

A vulnerability was found in Liferay Portal and DXP and classified as critical. Affected is an unknown function of the component REST API. Executing manipulation can lead to incorrect authorization.

This vulnerability appears as CVE-2025-43806. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-42907 | SAP BI Platform 2025/2027/ENTERPRISE 430 LogonToken server-side request forgery
CVE-2025-43814 | Liferay Portal/DXP Password Reminder insertion of sensitive information into sent data