CVE-2025-43818 | Liferay Portal/DXP Calendar Widget Name cross site scripting

A vulnerability categorized as problematic has been discovered in Liferay Portal and DXP. This vulnerability affects unknown code of the component Calendar Widget. Executing manipulation of the argument Name can lead to cross site scripting.

This vulnerability is tracked as CVE-2025-43818. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More