VIR Vulnerability Intelligence Relay

CVE-2025-43787

unknown
Published 2025-09-12 · Modified 2025-12-20
CVSS v3
CVSS v2
VIR risk

Description

Liferay Portal's selection modal is vulnerable to XSS

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Package impact
EcosystemPackageVulnerableFixed
java Mavencom.liferay:com.liferay.users.admin.web>=6.0.6,<11.0.3311.0.33

References

Verify integrity in audit chain (admin only). AS-IS.