Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2020-24554 - Vulnerability Database
Liferay Portal

Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2020-24554

High
Reference: CVE-2020-24554
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-24554
Title: Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded which allows remote attackers to perform a denial of service attack by making repeated requests for pages that do not exist.