CVE-2025-62245 is a Cross-Site Request Forgery (CSRF) vulnerability classified under CWE-352 that affects Liferay Portal versions 7.4.1 through 7.4.3.112 and Liferay DXP versions spanning 2023.Q3.1 to 2023.Q4.5, including 7.4 GA through update 92. CSRF vulnerabilities occur when an attacker tricks an authenticated user into submitting a forged request to a web application, causing the application to perform unwanted actions on behalf of the user. In this case, the vulnerability allows remote attackers to add and edit publication comments without requiring any authentication or privileges, exploiting the trust a web application places in the user's browser. The CVSS 4.0 vector indicates the attack is network-based (AV:N), requires low attack complexity (AC:L), no privileges (PR:N), no authentication (AT:N), but does require user interaction (UI:A). The impact is primarily on integrity (VI:L), with no confidentiality or availability impact. No known public exploits or patches have been reported as of the publication date, but the vulnerability’s presence in widely used Liferay Portal and DXP versions means it could be targeted in the future. The lack of CSRF protections on comment management endpoints allows attackers to manipulate content, potentially leading to misinformation, defacement, or reputational damage. The vulnerability affects web applications that rely on Liferay Portal for content management, collaboration, or publication workflows.

For European organizations, the impact of CVE-2025-62245 can be significant, especially for those relying on Liferay Portal or DXP for public-facing websites, intranets, or digital collaboration platforms. Unauthorized modification of publication comments can lead to misinformation, reputational harm, and loss of user trust. In regulated sectors such as finance, healthcare, or government, such integrity breaches could also result in compliance violations or legal consequences. Since the vulnerability does not require authentication, attackers can exploit it remotely, increasing the risk of widespread abuse. Although availability and confidentiality are not directly impacted, the integrity compromise can indirectly affect business operations and user confidence. The absence of known exploits currently provides a window for proactive mitigation, but organizations should not delay remediation. The threat is more acute for entities with high user interaction on Liferay-powered portals, including media companies, educational institutions, and public sector bodies across Europe.

To mitigate CVE-2025-62245, organizations should implement the following specific measures: 1) Immediately review and restrict comment management functionalities to authenticated and authorized users only, applying strict access controls. 2) Employ anti-CSRF tokens on all state-changing requests, especially those related to comment addition and editing, ensuring tokens are validated server-side. 3) Monitor web server logs and application activity for unusual comment modifications or patterns indicative of CSRF exploitation attempts. 4) Configure Content Security Policy (CSP) headers to limit the sources of executable scripts and reduce the risk of cross-site attacks. 5) Engage with Liferay support channels to obtain and apply official patches or updates as soon as they become available. 6) Educate users about the risks of interacting with suspicious links or websites that could trigger CSRF attacks. 7) Consider deploying Web Application Firewalls (WAFs) with rules tailored to detect and block CSRF attack patterns targeting Liferay endpoints. 8) Conduct regular security assessments and penetration tests focusing on CSRF and other web vulnerabilities in Liferay deployments.