CVE-2025-62252 | Liferay Portal/DXP authorization

October 14, 2025 Yanac

A vulnerability was found in Liferay Portal and DXP. It has been classified as critical. Affected is an unknown function. The manipulation of the argument _com_liferay_users_admin_web_portlet_UsersAdminPortlet_addUserIds leads to authorization bypass.

This vulnerability is documented as CVE-2025-62252. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-62362 | GPP-Woo GPP-burgerportaal up to 2.0.2/3.0.1/4.0.0 exposure of private personal information to an unauthorized actor (GHSA-pgg6-2865-2788)
CVE-2025-59836 | siderolabs omni up to 1.0.1/1.1.4 Resource Service isSensitiveSpec improper check or handling of exceptional conditions (GHSA-4p3p-cr38-v5xp)