Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2020-24554 - Vulnerability Database
Liferay Portal

Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2020-24554

High
Reference: CVE-2020-24554
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-24554
Title: Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded which allows remote attackers to perform a denial of service attack by making repeated requests for pages that do not exist.