{"id":68694,"date":"2025-08-23T08:00:16","date_gmt":"2025-08-23T04:30:16","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-43769-liferay-portal-liferay-dxp-stored-cross-site-scripting-xss-vulnerability\/"},"modified":"2025-08-23T08:00:16","modified_gmt":"2025-08-23T04:30:16","slug":"cve-2025-43769-liferay-portal-liferay-dxp-stored-cross-site-scripting-xss-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-43769-liferay-portal-liferay-dxp-stored-cross-site-scripting-xss-vulnerability\/","title":{"rendered":"CVE-2025-43769 &#8211; Liferay Portal Liferay DXP Stored Cross-Site Scripting (XSS) Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-43769<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 23, 2025, 3:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote attackers to execute arbitrary web script or HTML via components tab.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 4.6 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-43769 Published : Aug. 23, 2025, 3:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago Description : Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote attackers to execute arbitrary web script or &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-68694","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68694","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=68694"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68694\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=68694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=68694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=68694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}