Data Exposure Vulnerability in Liferay Portal and DXP
CVE-2025-2565
5.1MEDIUM
What is CVE-2025-2565?
A vulnerability in Liferay Portal and Liferay DXP allows unauthorized users to access form entry data. This affects numerous versions, including Liferay Portal 7.4.0 to 7.4.3.126, and various DXP releases from 2023.Q3.0 to 2024.Q3.0. Taking necessary precautions to secure this exposure is crucial to protect sensitive user data.
Affected Version(s)
DXP 7.4.13 <= 7.4.13-u92
DXP 2023.Q3.1 <= 2023.Q3.10
DXP 2023.Q4.0 <= 2023.Q4.10