CVE-2025-62258 | Liferay Portal/DXP Headless API endpoint cross-site request forgery

A vulnerability described as problematic has been identified in Liferay Portal and DXP. Affected by this issue is some unknown functionality of the component Headless API. Such manipulation of the argument endpoint leads to cross-site request forgery.

This vulnerability is listed as CVE-2025-62258. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More