Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2023-5190 - Vulnerability Database
Liferay Portal

Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2023-5190

Medium
Reference: CVE-2023-5190
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-5190
Title: Liferay Portal URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

Open redirect vulnerability in the Countries Managements edit region page in Liferay Portal 7.4.3.45 through 7.4.3.101 and Liferay DXP 2023.Q3 before patch 6 and 7.4 update 45 through 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_address_web_internal_portlet_CountriesManagementAdminPortlet_redirect parameter.