CVE-2024-25606 | Liferay Portal/DXP Java2WsddTask._format xml external entity reference

CVE-2024-25606 | Liferay Portal/DXP Java2WsddTask._format xml external entity reference

A vulnerability, which was classified as problematic, was found in Liferay Portal and DXP. Affected is the function Java2WsddTask._format. The manipulation leads to xml external entity reference. This vulnerability is traded as CVE-2024-25606. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.