Authorization Bypass Through User-Controlled Key Affecting com.liferay.commerce:com.liferay.commerce.service package, versions [,11.0.164)

Q: How to fix?

Upgrade com.liferay.commerce:com.liferay.commerce.service to version 11.0.164 or higher.

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Authorization Bypass Through User-Controlled Key vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-JAVA-COMLIFERAYCOMMERCE-13023407
published26 Sept 2025
disclosed23 Sept 2025
creditUnknown

Report a new vulnerability Found a mistake?

Introduced: 23 Sep 2025

NewCVE-2025-43810 (opens in a new tab) CWE-639 (opens in a new tab)

How to fix?

Upgrade com.liferay.commerce:com.liferay.commerce.service to version 11.0.164 or higher.

Overview

Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the com_liferay_commerce_order_web_internal_portlet_CommerceOrderPortlet_commerceOrderId parameter. An attacker can add notes to orders in a different virtual instance by specifying the target order's identifier.

References

CVSS Base Scores

version 4.0

version 3.1

Attack Vector (AV)
Network
Attack Complexity (AC)
Low
Attack Requirements (AT)
None
Privileges Required (PR)
Low
User Interaction (UI)
None

Confidentiality (VC)
None
Integrity (VI)
Low
Availability (VA)
None

Confidentiality (SC)
None
Integrity (SI)
None
Availability (SA)
None