CVE-2025-4655

EPSS 0.06%

Liferay Portal and Liferay DXP vulnerable to Server-Side Request Forgery

Published: 8/9/2025Modified: 8/12/2025

Description

An SSRF vulnerability in FreeMarker templates in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, and 7.4 GA through update 92 allows template editors to bypass access validations via crafted URLs.

Affected packages (2)

Maven/com.liferay.portal:release.dxp.bom>= 2025.Q1.0, < 2025.Q1.6
Maven/com.liferay.portal:release.portal.bom>= 7.4.0, <= 7.4.3.132

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 4.0	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

References (3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-4655
PATCHhttps://github.com/liferay/liferay-portal
WEBhttps://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-4655