CVE-2025-43739
unknown
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
โ
Description
Liferay Portal Email Modification Vulnerability via Calendar Portlet
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Maven | com.liferay:com.liferay.calendar.service | <6.0.83 | 6.0.83 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2025-43739
- https://github.com/liferay/liferay-portal/commit/0a9f5df16ae0afa8216ca568b89b2cdf00054bde
- https://github.com/liferay/liferay-portal/commit/5dc74a9f53f0aaa6cc1b6e0f503842832324239a
- https://github.com/liferay/liferay-portal/commit/75be892f7cf31e1a38555d45627b0c2a06490d3d
- https://github.com/liferay/liferay-portal/commit/7d70fab2259ff8b4a775021eb95bfc183823f8fc
- https://github.com/liferay/liferay-portal/commit/7eb551616c6b8beeaf660ff7f29b09794cb80d91
- https://github.com/liferay/liferay-portal/commit/a01a99cc4a5c7436f49790a1bfb386299172149c
- https://github.com/liferay/liferay-portal/commit/b396c00338e754976a9f63ea1d5393f29babdabb
- https://github.com/liferay/liferay-portal/commit/c1660f1a906c5ee3adca51e68f0abd6f9c1d253f
- https://github.com/liferay/liferay-portal/commit/e50c1a0a53d30b4e55f47495e265c5b7ea3459e1
- https://github.com/liferay/liferay-portal/commit/f238677d9afb46cfe4e23f05ce11bd5197a70388
- https://github.com/liferay/liferay-portal/commit/ff18e7d363f2a3bc83e9d3446f1bc49bee821883
- https://github.com/liferay/liferay-portal/commit/ff927f3f6784b396d3a611ac2e5e99b69ff0fd05
- https://github.com/liferay/liferay-portal
- https://liferay.atlassian.net/browse/LPE-18210
- https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43739
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.