Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Liferay DXP Use of Web Browser Cache Containing Sensitive Information Vulnerability - CVE-2025-62276 - Vulnerability Database
Liferay DXP

Liferay DXP Use of Web Browser Cache Containing Sensitive Information Vulnerability - CVE-2025-62276

Medium
Reference: CVE-2025-62276
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-62276
Title: Liferay DXP Use of Web Browser Cache Containing Sensitive Information Vulnerability
Overview:

The Document Library and the Adaptive Media modules in Liferay Portal 7.4.0 through 7.4.3.111 and older unsupported versions and Liferay DXP 2023.Q4.0 through 2023.Q4.10 2023.Q3.1 through 2023.Q3.10 7.4 GA through update 92 and older unsupported versions uses an incorrect cache-control header which allows local users to obtain access to downloaded files via the browser39s cache.