Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2025-43767 - Vulnerability Database
Liferay DXP

Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2025-43767

Medium
Reference: CVE-2025-43767
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-43767
Title: Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

Open Redirect vulnerability in /c/portal/edit_info_item parameter redirect in Liferay Portal 7.4.3.86 through 7.4.3.131 and Liferay DXP 2024.Q3.1 through 2024.Q3.9 2024.Q2.0 through 2024.Q2.13 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site.