CVE-2025-43814
22.09.2025, 23:15
In Liferay Portal 7.4.0 through 7.4.3.112, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions the audit events records a users password reminder answer, which allows remote authenticated users to obtain a users password reminder answer via the audit events.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.
Common Weakness Enumeration
Vulnerability Media Exposure