CVE-2025-62267

Published Oct 31, 2025
Last updated 4 months ago
CVSS medium 4.6
Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure page in Liferay Portal 7.4.3.35 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 35 through update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a user’s (1) First Name, (2) Middle Name, or (3) Last Name text field.
Source: security@liferay.com
NVD status: Analyzed
Products: digital_experience_platform, liferay_portal
Risk scores

CVSS 4.0

Type: Secondary
Base score: 4.6
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: MEDIUM
CVSS 3.1

Type: Primary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM
Weaknesses

security@liferay.com: CWE-79
Hype score: Not currently trending
CVE-2025-62267 Multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure page in Liferay Portal 7.4.3.35 through 7.4.3.111, and Liferay DXP 2023… https://t.co/n5yJShUV09
@CVEnew
31 Oct 2025
274 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "8E19E344-92B4-4B46-BD89-25EC7191972C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update35:*:*:*:*:*:*",
            "matchCriteriaId": "341D1157-8118-4BD3-A902-36E90E066706",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*",
            "matchCriteriaId": "1AB71307-7EAA-436A-9CBC-5A94F034FB48",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update37:*:*:*:*:*:*",
            "matchCriteriaId": "9446B3A5-6647-416C-92AF-7B6E0E929765",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update38:*:*:*:*:*:*",
            "matchCriteriaId": "06386C7A-CAA1-4FC4-9182-5A66342FB903",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update39:*:*:*:*:*:*",
            "matchCriteriaId": "8C84B701-B9A1-43D0-AF0C-30EDBD24CF90",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update40:*:*:*:*:*:*",
            "matchCriteriaId": "BA9AF651-D118-4437-B400-531B26BF6801",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*",
            "matchCriteriaId": "2B256485-E289-4092-B45B-835DE12625B9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update42:*:*:*:*:*:*",
            "matchCriteriaId": "119B54BD-75F4-46A4-A57D-16CFF4E12CEB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update43:*:*:*:*:*:*",
            "matchCriteriaId": "A3382E2D-A414-40A1-A330-619859756A36",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update44:*:*:*:*:*:*",
            "matchCriteriaId": "2E07B750-55B6-4DB6-B02B-216C2F5505A9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:*",
            "matchCriteriaId": "B921E670-480F-4793-A636-3855A1654908",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:*",
            "matchCriteriaId": "62AE52FE-FB7F-4339-BDDE-E5AD235BBC58",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:*",
            "matchCriteriaId": "C99508DB-19E9-4832-AB38-57C61C7D68BC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*",
            "matchCriteriaId": "67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:*",
            "matchCriteriaId": "131E4E65-D997-47F1-8CB8-15CE6A60AB1D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*",
            "matchCriteriaId": "CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:*",
            "matchCriteriaId": "94AC684E-3C5F-4859-B6EB-42C478F9DD11",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*",
            "matchCriteriaId": "DC6FF5AB-B6E4-45D9-854B-29DEC200DA4D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:*",
            "matchCriteriaId": "9855E3CB-925E-4623-A776-59422AB2FC6A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:*",
            "matchCriteriaId": "01C3B7BE-1F9B-4EDA-990C-A4022CB85612",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:*",
            "matchCriteriaId": "65CF766C-626D-4F8C-BDBF-F0C5404DD545",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:*",
            "matchCriteriaId": "720EF24C-9A36-405B-A380-6114C150B376",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:*",
            "matchCriteriaId": "44479EF5-40BD-43A2-AD0F-CE1660222AB2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:*",
            "matchCriteriaId": "B8E0BD92-0F77-481E-8167-F81755E00703",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:*",
            "matchCriteriaId": "2BDB885E-814A-4CA8-A81C-1DB35989089B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:*",
            "matchCriteriaId": "1675366A-2388-4F7E-B423-D39BC7D3D38D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:*",
            "matchCriteriaId": "B93C3CF2-4F45-4F6C-AB6D-F9ABDA7C4DA8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:*",
            "matchCriteriaId": "34A6A6A0-9307-4F5D-9605-1F786D1CD62A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:*",
            "matchCriteriaId": "6B994132-7103-4132-9D90-11CA264FEDE3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:*",
            "matchCriteriaId": "A1958E04-AB8A-4B0E-AB45-B810CAED2EEF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*",
            "matchCriteriaId": "BB5558B0-6714-4B3A-B287-1943517A975A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*",
            "matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*",
            "matchCriteriaId": "848B2C72-447D-46E2-A5A7-43CF3764E578",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*",
            "matchCriteriaId": "26A0AF15-52A9-46FD-8157-359141332EAF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*",
            "matchCriteriaId": "63D63872-C1D0-444F-BCC7-A514F323C256",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*",
            "matchCriteriaId": "9D9FA9AD-39D3-412A-B794-E1B29EEEEC4A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*",
            "matchCriteriaId": "294D8A56-A797-433C-A06E-106B2179151A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*",
            "matchCriteriaId": "824D88D9-4645-4CAD-8CAB-30F27DD388C4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*",
            "matchCriteriaId": "F6E8C952-B455-46E4-AC3D-D38CAF189F60",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*",
            "matchCriteriaId": "CD77C0EE-AC79-4443-A502-C1E02F806911",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*",
            "matchCriteriaId": "648EB53C-7A90-4DA6-BF1C-B5336CDE30C7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*",
            "matchCriteriaId": "39835EF7-8E93-4695-973D-6E9B76C67372",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*",
            "matchCriteriaId": "2A05FB86-332B-44E3-93CB-82465A38976E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*",
            "matchCriteriaId": "7C754823-899C-4EEF-ACB7-E1551FA88B25",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*",
            "matchCriteriaId": "493D4C18-DEE2-4040-9C13-3A9AB2CE47BF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*",
            "matchCriteriaId": "8F17DD75-E63B-4E4C-B136-D43F17B389EF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*",
            "matchCriteriaId": "62EE759A-78AD-40D6-8C5B-10403A8A4A89",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*",
            "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "1EF6451A-2A5D-4222-A1C6-113AA4B8D4E6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "9D6CE430-3C95-4855-BA44-E2E136D1FEB2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "44FEB149-C792-493D-B055-568FFC96298A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "B050DD73-71B6-46CD-A35B-7ACB53BE6C6A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "62432289-E1DC-4013-85C7-6B77299A910F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "0912EEFE-DC56-43F6-AE0E-A4E2A033F3C5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.7:*:*:*:*:*:*:*",
            "matchCriteriaId": "9398F679-5F47-4DF2-AA91-4A21126675C6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.8:*:*:*:*:*:*:*",
            "matchCriteriaId": "8296B54A-976A-404C-AB77-0619E4297A69",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.9:*:*:*:*:*:*:*",
            "matchCriteriaId": "F778EB15-2AB0-44C1-BD99-9F7F1851E167",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.10:*:*:*:*:*:*:*",
            "matchCriteriaId": "625E6C10-D0C7-4C5D-99F8-601A7B942392",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "B5CE3202-2723-44A6-B63F-061138287FDA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "A27A8480-7EE1-4265-9117-D6C234ACAC5F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "94425688-725E-41DC-B2D3-14F2A7163AD6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "623CA096-BDBB-4F59-B734-07FB405800CE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "30B27CBE-14BA-4EBB-8B74-91DD1228A1F5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "81EDBB1C-9EBB-4FAD-ADAC-B5A890BB3F50",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "658B4C0D-D8A2-40DF-87BE-A2E148082BB7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.7:*:*:*:*:*:*:*",
            "matchCriteriaId": "9C3DD89D-A40C-4C31-B698-A23C4A6F243E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.8:*:*:*:*:*:*:*",
            "matchCriteriaId": "C785189B-09C0-4395-A8C5-4C548836B08C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.9:*:*:*:*:*:*:*",
            "matchCriteriaId": "C436962A-5DAC-4843-9EE9-3E18F1524BE0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023.q4.10:*:*:*:*:*:*:*",
            "matchCriteriaId": "DFCAE569-D95A-4635-8E92-5142A7C70F51",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "82D2F60B-3F73-4297-B9CE-99FFFA40E9CA",
            "versionEndExcluding": "7.4.3.112",
            "versionStartIncluding": "7.4.3.35",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 4.0

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References
