Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2023-44308 - Vulnerability Database
Liferay DXP

Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2023-44308

Medium
Reference: CVE-2023-44308
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-44308
Title: Liferay DXP URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

Open redirect vulnerability in adaptive media administration page in Liferay DXP 2023.Q3 before patch 6 and 7.4 GA through update 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_adaptive_media_web_portlet_AMPortlet_redirect parameter.