CVE-2025-62275
CVE-2025-62275 affects Liferay Portal 7.4.0–7.4.3.111 and older unsupported versions, and Liferay DXP 2023.Q3–2023.Q4, where images in blog entries bypass permission checks via crafted URLs. The issue stems from missing permission verification in image access within BlogsItemSelectorViewDisplayCo...