CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-43808

The Commerce component in Liferay Portal 7.3.0 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and 7.3 service pack 3 through update 35 saves virtual products uploaded to Documents and Media with guest view permission, which allows remote attackers to access and download virtual products for free via a crafted URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.8%

CVSS Severity

CVSS v3 Score 5.3

References

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43808

Products affected by CVE-2025-43808

Liferay » Digital Experience Platform » Version: 2023.q3.1

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.1
Liferay » Digital Experience Platform » Version: 2023.q3.10

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.10
Liferay » Digital Experience Platform » Version: 2023.q3.2

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.2
Liferay » Digital Experience Platform » Version: 2023.q3.3

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.3
Liferay » Digital Experience Platform » Version: 2023.q3.4

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.4
Liferay » Digital Experience Platform » Version: 2023.q3.5

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.5
Liferay » Digital Experience Platform » Version: 2023.q3.6

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.6
Liferay » Digital Experience Platform » Version: 2023.q3.7

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.7
Liferay » Digital Experience Platform » Version: 2023.q3.8

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.8
Liferay » Digital Experience Platform » Version: 2023.q3.9

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.9
Liferay » Digital Experience Platform » Version: 2023.q4.0

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.0
Liferay » Digital Experience Platform » Version: 2023.q4.1

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.1
Liferay » Digital Experience Platform » Version: 2023.q4.2

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.2
Liferay » Digital Experience Platform » Version: 2023.q4.3

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.3
Liferay » Digital Experience Platform » Version: 2023.q4.4

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.4
Liferay » Digital Experience Platform » Version: 2023.q4.5

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.5
Liferay » Digital Experience Platform » Version: 2023.q4.6

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.6
Liferay » Digital Experience Platform » Version: 2023.q4.7

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.7
Liferay » Digital Experience Platform » Version: 2023.q4.8

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.8
Liferay » Digital Experience Platform » Version: 7.3

cpe:2.3:a:liferay:digital_experience_platform:7.3
Liferay » Digital Experience Platform » Version: 7.4

cpe:2.3:a:liferay:digital_experience_platform:7.4
Liferay » Liferay Portal » Version: 7.4.0

cpe:2.3:a:liferay:liferay_portal:7.4.0
Liferay » Liferay Portal » Version: 7.4.1

cpe:2.3:a:liferay:liferay_portal:7.4.1
Liferay » Liferay Portal » Version: 7.4.2

cpe:2.3:a:liferay:liferay_portal:7.4.2
Liferay » Liferay Portal » Version: 7.4.3.10

cpe:2.3:a:liferay:liferay_portal:7.4.3.10
Liferay » Liferay Portal » Version: 7.4.3.100

cpe:2.3:a:liferay:liferay_portal:7.4.3.100
Liferay » Liferay Portal » Version: 7.4.3.101

cpe:2.3:a:liferay:liferay_portal:7.4.3.101
Liferay » Liferay Portal » Version: 7.4.3.102

cpe:2.3:a:liferay:liferay_portal:7.4.3.102
Liferay » Liferay Portal » Version: 7.4.3.103

cpe:2.3:a:liferay:liferay_portal:7.4.3.103
Liferay » Liferay Portal » Version: 7.4.3.104

cpe:2.3:a:liferay:liferay_portal:7.4.3.104
Liferay » Liferay Portal » Version: 7.4.3.105

cpe:2.3:a:liferay:liferay_portal:7.4.3.105
Liferay » Liferay Portal » Version: 7.4.3.106

cpe:2.3:a:liferay:liferay_portal:7.4.3.106
Liferay » Liferay Portal » Version: 7.4.3.107

cpe:2.3:a:liferay:liferay_portal:7.4.3.107
Liferay » Liferay Portal » Version: 7.4.3.108

cpe:2.3:a:liferay:liferay_portal:7.4.3.108
Liferay » Liferay Portal » Version: 7.4.3.109

cpe:2.3:a:liferay:liferay_portal:7.4.3.109
Liferay » Liferay Portal » Version: 7.4.3.11

cpe:2.3:a:liferay:liferay_portal:7.4.3.11
Liferay » Liferay Portal » Version: 7.4.3.110

cpe:2.3:a:liferay:liferay_portal:7.4.3.110
Liferay » Liferay Portal » Version: 7.4.3.111

cpe:2.3:a:liferay:liferay_portal:7.4.3.111
Liferay » Liferay Portal » Version: 7.4.3.112

cpe:2.3:a:liferay:liferay_portal:7.4.3.112
Liferay » Liferay Portal » Version: 7.4.3.12

cpe:2.3:a:liferay:liferay_portal:7.4.3.12
Liferay » Liferay Portal » Version: 7.4.3.13

cpe:2.3:a:liferay:liferay_portal:7.4.3.13
Liferay » Liferay Portal » Version: 7.4.3.14

cpe:2.3:a:liferay:liferay_portal:7.4.3.14
Liferay » Liferay Portal » Version: 7.4.3.15

cpe:2.3:a:liferay:liferay_portal:7.4.3.15
Liferay » Liferay Portal » Version: 7.4.3.16

cpe:2.3:a:liferay:liferay_portal:7.4.3.16
Liferay » Liferay Portal » Version: 7.4.3.17

cpe:2.3:a:liferay:liferay_portal:7.4.3.17
Liferay » Liferay Portal » Version: 7.4.3.18

cpe:2.3:a:liferay:liferay_portal:7.4.3.18
Liferay » Liferay Portal » Version: 7.4.3.19

cpe:2.3:a:liferay:liferay_portal:7.4.3.19
Liferay » Liferay Portal » Version: 7.4.3.20

cpe:2.3:a:liferay:liferay_portal:7.4.3.20
Liferay » Liferay Portal » Version: 7.4.3.21

cpe:2.3:a:liferay:liferay_portal:7.4.3.21
Liferay » Liferay Portal » Version: 7.4.3.22

cpe:2.3:a:liferay:liferay_portal:7.4.3.22
Liferay » Liferay Portal » Version: 7.4.3.23

cpe:2.3:a:liferay:liferay_portal:7.4.3.23
Liferay » Liferay Portal » Version: 7.4.3.24

cpe:2.3:a:liferay:liferay_portal:7.4.3.24
Liferay » Liferay Portal » Version: 7.4.3.25

cpe:2.3:a:liferay:liferay_portal:7.4.3.25
Liferay » Liferay Portal » Version: 7.4.3.26

cpe:2.3:a:liferay:liferay_portal:7.4.3.26
Liferay » Liferay Portal » Version: 7.4.3.27

cpe:2.3:a:liferay:liferay_portal:7.4.3.27
Liferay » Liferay Portal » Version: 7.4.3.28

cpe:2.3:a:liferay:liferay_portal:7.4.3.28
Liferay » Liferay Portal » Version: 7.4.3.29

cpe:2.3:a:liferay:liferay_portal:7.4.3.29
Liferay » Liferay Portal » Version: 7.4.3.30

cpe:2.3:a:liferay:liferay_portal:7.4.3.30
Liferay » Liferay Portal » Version: 7.4.3.31

cpe:2.3:a:liferay:liferay_portal:7.4.3.31
Liferay » Liferay Portal » Version: 7.4.3.32

cpe:2.3:a:liferay:liferay_portal:7.4.3.32
Liferay » Liferay Portal » Version: 7.4.3.33

cpe:2.3:a:liferay:liferay_portal:7.4.3.33
Liferay » Liferay Portal » Version: 7.4.3.34

cpe:2.3:a:liferay:liferay_portal:7.4.3.34
Liferay » Liferay Portal » Version: 7.4.3.35

cpe:2.3:a:liferay:liferay_portal:7.4.3.35
Liferay » Liferay Portal » Version: 7.4.3.36

cpe:2.3:a:liferay:liferay_portal:7.4.3.36
Liferay » Liferay Portal » Version: 7.4.3.37

cpe:2.3:a:liferay:liferay_portal:7.4.3.37
Liferay » Liferay Portal » Version: 7.4.3.38

cpe:2.3:a:liferay:liferay_portal:7.4.3.38
Liferay » Liferay Portal » Version: 7.4.3.39

cpe:2.3:a:liferay:liferay_portal:7.4.3.39
Liferay » Liferay Portal » Version: 7.4.3.4

cpe:2.3:a:liferay:liferay_portal:7.4.3.4
Liferay » Liferay Portal » Version: 7.4.3.40

cpe:2.3:a:liferay:liferay_portal:7.4.3.40
Liferay » Liferay Portal » Version: 7.4.3.41

cpe:2.3:a:liferay:liferay_portal:7.4.3.41
Liferay » Liferay Portal » Version: 7.4.3.42

cpe:2.3:a:liferay:liferay_portal:7.4.3.42
Liferay » Liferay Portal » Version: 7.4.3.43

cpe:2.3:a:liferay:liferay_portal:7.4.3.43
Liferay » Liferay Portal » Version: 7.4.3.44

cpe:2.3:a:liferay:liferay_portal:7.4.3.44
Liferay » Liferay Portal » Version: 7.4.3.45

cpe:2.3:a:liferay:liferay_portal:7.4.3.45
Liferay » Liferay Portal » Version: 7.4.3.46

cpe:2.3:a:liferay:liferay_portal:7.4.3.46
Liferay » Liferay Portal » Version: 7.4.3.47

cpe:2.3:a:liferay:liferay_portal:7.4.3.47
Liferay » Liferay Portal » Version: 7.4.3.48

cpe:2.3:a:liferay:liferay_portal:7.4.3.48
Liferay » Liferay Portal » Version: 7.4.3.49

cpe:2.3:a:liferay:liferay_portal:7.4.3.49
Liferay » Liferay Portal » Version: 7.4.3.5

cpe:2.3:a:liferay:liferay_portal:7.4.3.5
Liferay » Liferay Portal » Version: 7.4.3.50

cpe:2.3:a:liferay:liferay_portal:7.4.3.50
Liferay » Liferay Portal » Version: 7.4.3.51

cpe:2.3:a:liferay:liferay_portal:7.4.3.51
Liferay » Liferay Portal » Version: 7.4.3.52

cpe:2.3:a:liferay:liferay_portal:7.4.3.52
Liferay » Liferay Portal » Version: 7.4.3.53

cpe:2.3:a:liferay:liferay_portal:7.4.3.53
Liferay » Liferay Portal » Version: 7.4.3.54

cpe:2.3:a:liferay:liferay_portal:7.4.3.54
Liferay » Liferay Portal » Version: 7.4.3.55

cpe:2.3:a:liferay:liferay_portal:7.4.3.55
Liferay » Liferay Portal » Version: 7.4.3.56

cpe:2.3:a:liferay:liferay_portal:7.4.3.56
Liferay » Liferay Portal » Version: 7.4.3.57

cpe:2.3:a:liferay:liferay_portal:7.4.3.57
Liferay » Liferay Portal » Version: 7.4.3.58

cpe:2.3:a:liferay:liferay_portal:7.4.3.58
Liferay » Liferay Portal » Version: 7.4.3.59

cpe:2.3:a:liferay:liferay_portal:7.4.3.59
Liferay » Liferay Portal » Version: 7.4.3.6

cpe:2.3:a:liferay:liferay_portal:7.4.3.6
Liferay » Liferay Portal » Version: 7.4.3.60

cpe:2.3:a:liferay:liferay_portal:7.4.3.60
Liferay » Liferay Portal » Version: 7.4.3.61

cpe:2.3:a:liferay:liferay_portal:7.4.3.61
Liferay » Liferay Portal » Version: 7.4.3.62

cpe:2.3:a:liferay:liferay_portal:7.4.3.62
Liferay » Liferay Portal » Version: 7.4.3.63

cpe:2.3:a:liferay:liferay_portal:7.4.3.63
Liferay » Liferay Portal » Version: 7.4.3.64

cpe:2.3:a:liferay:liferay_portal:7.4.3.64
Liferay » Liferay Portal » Version: 7.4.3.65

cpe:2.3:a:liferay:liferay_portal:7.4.3.65
Liferay » Liferay Portal » Version: 7.4.3.66

cpe:2.3:a:liferay:liferay_portal:7.4.3.66
Liferay » Liferay Portal » Version: 7.4.3.67

cpe:2.3:a:liferay:liferay_portal:7.4.3.67
Liferay » Liferay Portal » Version: 7.4.3.68

cpe:2.3:a:liferay:liferay_portal:7.4.3.68
Liferay » Liferay Portal » Version: 7.4.3.69

cpe:2.3:a:liferay:liferay_portal:7.4.3.69
Liferay » Liferay Portal » Version: 7.4.3.7

cpe:2.3:a:liferay:liferay_portal:7.4.3.7
Liferay » Liferay Portal » Version: 7.4.3.70

cpe:2.3:a:liferay:liferay_portal:7.4.3.70
Liferay » Liferay Portal » Version: 7.4.3.71

cpe:2.3:a:liferay:liferay_portal:7.4.3.71
Liferay » Liferay Portal » Version: 7.4.3.72

cpe:2.3:a:liferay:liferay_portal:7.4.3.72
Liferay » Liferay Portal » Version: 7.4.3.73

cpe:2.3:a:liferay:liferay_portal:7.4.3.73
Liferay » Liferay Portal » Version: 7.4.3.74

cpe:2.3:a:liferay:liferay_portal:7.4.3.74
Liferay » Liferay Portal » Version: 7.4.3.75

cpe:2.3:a:liferay:liferay_portal:7.4.3.75
Liferay » Liferay Portal » Version: 7.4.3.76

cpe:2.3:a:liferay:liferay_portal:7.4.3.76
Liferay » Liferay Portal » Version: 7.4.3.77

cpe:2.3:a:liferay:liferay_portal:7.4.3.77
Liferay » Liferay Portal » Version: 7.4.3.78

cpe:2.3:a:liferay:liferay_portal:7.4.3.78
Liferay » Liferay Portal » Version: 7.4.3.79

cpe:2.3:a:liferay:liferay_portal:7.4.3.79
Liferay » Liferay Portal » Version: 7.4.3.8

cpe:2.3:a:liferay:liferay_portal:7.4.3.8
Liferay » Liferay Portal » Version: 7.4.3.80

cpe:2.3:a:liferay:liferay_portal:7.4.3.80
Liferay » Liferay Portal » Version: 7.4.3.81

cpe:2.3:a:liferay:liferay_portal:7.4.3.81
Liferay » Liferay Portal » Version: 7.4.3.82

cpe:2.3:a:liferay:liferay_portal:7.4.3.82
Liferay » Liferay Portal » Version: 7.4.3.83

cpe:2.3:a:liferay:liferay_portal:7.4.3.83
Liferay » Liferay Portal » Version: 7.4.3.84

cpe:2.3:a:liferay:liferay_portal:7.4.3.84
Liferay » Liferay Portal » Version: 7.4.3.85

cpe:2.3:a:liferay:liferay_portal:7.4.3.85
Liferay » Liferay Portal » Version: 7.4.3.86

cpe:2.3:a:liferay:liferay_portal:7.4.3.86
Liferay » Liferay Portal » Version: 7.4.3.87

cpe:2.3:a:liferay:liferay_portal:7.4.3.87
Liferay » Liferay Portal » Version: 7.4.3.88

cpe:2.3:a:liferay:liferay_portal:7.4.3.88
Liferay » Liferay Portal » Version: 7.4.3.89

cpe:2.3:a:liferay:liferay_portal:7.4.3.89
Liferay » Liferay Portal » Version: 7.4.3.9

cpe:2.3:a:liferay:liferay_portal:7.4.3.9
Liferay » Liferay Portal » Version: 7.4.3.90

cpe:2.3:a:liferay:liferay_portal:7.4.3.90
Liferay » Liferay Portal » Version: 7.4.3.91

cpe:2.3:a:liferay:liferay_portal:7.4.3.91
Liferay » Liferay Portal » Version: 7.4.3.92

cpe:2.3:a:liferay:liferay_portal:7.4.3.92
Liferay » Liferay Portal » Version: 7.4.3.94

cpe:2.3:a:liferay:liferay_portal:7.4.3.94
Liferay » Liferay Portal » Version: 7.4.3.95

cpe:2.3:a:liferay:liferay_portal:7.4.3.95
Liferay » Liferay Portal » Version: 7.4.3.96

cpe:2.3:a:liferay:liferay_portal:7.4.3.96
Liferay » Liferay Portal » Version: 7.4.3.97

cpe:2.3:a:liferay:liferay_portal:7.4.3.97
Liferay » Liferay Portal » Version: 7.4.3.98

cpe:2.3:a:liferay:liferay_portal:7.4.3.98
Liferay » Liferay Portal » Version: 7.4.3.99

cpe:2.3:a:liferay:liferay_portal:7.4.3.99

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-43808

Products

Pricing

Contact Us