2 matches found
CVE-2025-4581
CVE-2025-4581 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP 2025.Q1.0–2025.Q1.4 (as well as older 7.4 GA through update 92, and listed 2024 Qx releases). The root cause is improper validation of user-supplied URLs in the portal-settings-authentication-opensso-web component, enabling a pr...
PT-2025-32427
Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.132 Liferay DXP versions 2025.Q1.0 through 2025.Q1.4 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through 2024.Q3.13 Liferay DXP versions 2024.Q2.0 through 2024.Q2....