Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 21 Aug 2025 12:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Liferay
Liferay dxp Liferay portal |
|
Vendors & Products |
Liferay
Liferay dxp Liferay portal |
Wed, 20 Aug 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 20 Aug 2025 12:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded in the form and stored in document_library | |
Weaknesses | CWE-552 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: Liferay
Published:
Updated: 2025-08-20T15:12:48.985Z
Reserved: 2025-04-17T10:55:23.317Z
Link: CVE-2025-43749

Updated: 2025-08-20T15:12:43.336Z

Status : Awaiting Analysis
Published: 2025-08-20T13:15:27.413
Modified: 2025-08-20T14:39:07.860
Link: CVE-2025-43749

No data.

Updated: 2025-08-21T12:31:00Z