All posts
Critical
Low
Medium

CVE-2025-43823

Alias:

Overview

Cross-site scripting (XSS) vulnerability in the Commerce Search Result widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4 before patch 6, 2023.Q3 before patch 9, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload i...

Critical
Low
Medium
No items found.

Severity / CVSS Score:  (Critical)

CWE:

Discovery date:

Authentication required: NoneYes

Attack Vector: None

Affected Components

Kodem Deep Dive

Previous Post
Next Post

Stop the waste.
Protect your environment with Kodem.

Get a personalized demo
Get a personalized demo