ghsa-rpx3-f938-xj5q
Vulnerability from github
Published
2025-09-24 03:30
Modified
2025-09-27 03:25
Severity ?
Summary
Liferay Portal and DXP does not properly expire sessions
Details
Summary
Liferay Portal/DXP contains an Insufficient Session Expiration issue where the Single Logout (SLO) API may fail to invalidate a user’s previous session. An attacker can reuse a stale session via the SLO endpoint to gain an authenticated context.
Affected Versions
The following platform versions are affected:
- Liferay Portal:
7.3.3.131through7.4.3.121 - Liferay DXP:
2024.Q4.0–2024.Q4.32024.Q3.1–2024.Q3.132024.Q2.0–2024.Q2.132024.Q1.1–2024.Q1.12
Remediation
Update to the fixed builds and, for Maven consumers of the SAML module, upgrade com.liferay:com.liferay.saml.impl to 5.0.51 or later. After upgrading, ensure session invalidation policies are enforced and verify SLO behavior end-to-end.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.liferay:com.liferay.saml.impl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.0.51"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-43819"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-24T17:28:45Z",
"nvd_published_at": "2025-09-24T02:15:31Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nLiferay Portal/DXP contains an Insufficient Session Expiration issue where the Single Logout (SLO) API may fail to invalidate a user\u2019s previous session. An attacker can reuse a stale session via the SLO endpoint to gain an authenticated context.\n\n### Affected Versions\n\nThe following platform versions are affected:\n\n* **Liferay Portal:** `7.3.3.131` through `7.4.3.121`\n* **Liferay DXP:**\n * `2024.Q4.0`\u2013`2024.Q4.3`\n * `2024.Q3.1`\u2013`2024.Q3.13`\n * `2024.Q2.0`\u2013`2024.Q2.13`\n * `2024.Q1.1`\u2013`2024.Q1.12`\n\n### Remediation\n\nUpdate to the fixed builds and, for Maven consumers of the SAML module, upgrade `com.liferay:com.liferay.saml.impl` to **5.0.51** or later. After upgrading, ensure session invalidation policies are enforced and verify SLO behavior end-to-end.",
"id": "GHSA-rpx3-f938-xj5q",
"modified": "2025-09-27T03:25:21Z",
"published": "2025-09-24T03:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43819"
},
{
"type": "WEB",
"url": "https://github.com/liferay/liferay-portal/commit/433dff5edae4414fdc436b49a9edb62d721c84b5"
},
{
"type": "WEB",
"url": "https://github.com/liferay/liferay-portal/commit/da9105a61d788801797797a32583a4b76c902cdc"
},
{
"type": "PACKAGE",
"url": "https://github.com/liferay/liferay-portal"
},
{
"type": "WEB",
"url": "https://liferay.atlassian.net/browse/LPE-18159"
},
{
"type": "WEB",
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43819"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-rpx3-f938-xj5q"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Liferay Portal and DXP does not properly expire sessions"
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.