CVE-2025-4655 – com.liferay.portal:release.dxp.bom

Package

Manager: maven
Name: com.liferay.portal:release.dxp.bom
Vulnerable Version: >=2025.q1.0 <2025.q1.6 || >=2024.q4.0 <=2024.q4.7 || >=2024.q3.1 <=2024.q3.13 || >=2024.q2.0 <=2024.q2.13 || >=2024.q1.0 <2024.q1.16 || >=0 <=7.4.13.u92

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

EPSS: 0.00047 pctl0.13856

Details

Liferay Portal and Liferay DXP vulnerable to Server-Side Request Forgery An SSRF vulnerability in FreeMarker templates in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, and 7.4 GA through update 92 allows template editors to bypass access validations via crafted URLs.

Metadata

Created: 2025-08-09T06:30:28Z
Modified: 2025-08-12T00:13:20Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/08/GHSA-c6g5-g6r7-q4j6/GHSA-c6g5-g6r7-q4j6.json
CWE IDs: ["CWE-918"]
Alternative ID: GHSA-c6g5-g6r7-q4j6
Finding: F100
Auto approve: 1