Maven package
com.liferay.commerce/com.liferay.commerce.product.type.virtual.service
pkg:maven/com.liferay.commerce/com.liferay.commerce.product.type.virtual.service
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-43808 | — | < 4.0.47 | 4.0.47 | Sep 19, 2025 | The Commerce component in Liferay Portal 7.3.0 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and 7.3 service pack 3 through update 35 saves virtual products uploaded to Documents and Media with guest view p |
- CVE-2025-43808Sep 19, 2025affected < 4.0.47fixed 4.0.47
The Commerce component in Liferay Portal 7.3.0 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and 7.3 service pack 3 through update 35 saves virtual products uploaded to Documents and Media with guest view p