Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Liferay DXP Improper Validation of Specified Quantity in Input Vulnerability - CVE-2025-43793 - Vulnerability Database
Liferay DXP

Liferay DXP Improper Validation of Specified Quantity in Input Vulnerability - CVE-2025-43793

High
Reference: CVE-2025-43793
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-43793
Title: Liferay DXP Improper Validation of Specified Quantity in Input Vulnerability
Overview:

Liferay Portal 7.4.0 through 7.4.3.105 and older unsupported versions and Liferay DXP 2023.Q4.0 2023.Q3.1 through 2023.Q3.4 7.4 GA through update 92 7.3 GA through update 35 and older unsupported versions may incorrectly identify the subdomain of a domain name and create a supercookie which allows remote attackers who control a website that share the same TLD to read cookies set by the application.