CVE-2025-43753
The CVE-2025-43753 entry describes a reflected XSS in Liferay products where a remote authenticated user can inject JavaScript into the embedded message field from the form container. Affected products include: Liferay Portal 7.4.3.32–7.4.3.132 and Liferay DXP 2025.Q1.0–2025.Q1.7 , plus older qua...