CVE-2025-62262
Description
Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users to view user email address in the log files.
Risk Information
Base Score
4.4
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.015
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2025-62262 are fixed in Liferay - com.liferay.portal.security.ldap.impl 4.0.54 | Windows |
| Vulnerabilities CVE-2025-62262 are fixed in Liferay - com.liferay.portal.security.ldap.impl for Linux 4.0.54 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234