N/A

CVSS Score

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-43732

CVE-2025-43732: Liferay Portal Vulnerable to Insecure Direct Object Reference

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to Insecure Direct Object Reference (IDOR) in the groupId parameter of the _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId. When an organization administrator modifies this parameter id value, they can gain unauthorized access to user lists from other organizations.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-43732

CVE-2025-43732:

N/A

CVSS Score

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
com.liferay:com.liferay.roles.selector.web	maven	< 5.0.32	5.0.32

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The analysis of the provided commits, particularly 1ab3de8142d9201d10d89f5eeb1edeea64599d57 and f07339e42a5788aa44016c4ca566b92399643442, clearly points to an Insecure Direct Object Reference (IDOR) vulnerability in the getSearchContainer method of the EditRolesUsersDisplayContext class. The vulnerability description states that the groupId parameter in _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId is vulnerable. The code changes in the patch directly address this by adding a crucial permission check. Specifically, the GroupPermissionUtil.contains call is added to verify that the user making the request has the ASSIGN_USER_ROLES permission for the groupId they are trying to access. Before this fix, the absence of this check allowed an organization administrator to manipulate the groupId and view users from other organizations, which they were not authorized to see. The vulnerable function, getSearchContainer, was directly responsible for processing this malicious input and returning the unauthorized data. The added test cases in commit 830140e15ccfeb105641681c4f2bb375c12582ba further confirm this scenario by simulating the exact attack and verifying that the fix prevents it.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

N/A

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-43732: Liferay Portal Vulnerable to Insecure Direct Object Reference

CVE-2025-43732:

N/A

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

CVE-2025-43732: Liferay Portal Vulnerable to Insecure Direct Object Reference

Basic Information

Basic Information

N/A

N/A

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI