Description
In Liferay Portal before 7.3.1, the PortalUtil.escapeRedirect() API can be circumvented by using the tab character. This may allow an attacker to redirect a user to an external site (i.e., an open redirect vulnerability).
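The following is an added example, not Liferay's code or its patch. The page does not say how the tab character defeats escapeRedirect(), so the sketch assumes the general behaviour of URL parsers that follow the WHATWG URL standard (browsers, Node's URL class): they drop tab and newline characters before resolving a URL. It puts a string-prefix check beside a check that rejects control characters and compares origins after resolution. The hosts portal.example and other.example, the sample target and all function names are constructed for illustration.

```javascript
// Constructed placeholders; not values from the advisory.
const PORTAL_ORIGIN = 'https://portal.example';
const TAB_TARGET = '/\t/other.example/login'; // constructed sample redirect value

// Resolve a redirect target the way a WHATWG-compliant client does.
// Tab, CR and LF are removed from the input before it is parsed.
function browserHost(target) {
  return new URL(target, PORTAL_ORIGIN).host;
}

// Weak check: a single leading "/" is taken to mean "local path".
// It inspects the raw string, not what the client will resolve.
function naiveIsLocalRedirect(target) {
  return target.startsWith('/') && !target.startsWith('//');
}

// Hardened check (one possible approach):
//  1. refuse any value containing ASCII control characters,
//  2. resolve it against the portal origin with the same parser a browser uses,
//  3. accept it only if the resolved origin is still the portal's,
//  4. return a rebuilt path, never the caller-supplied string.
function safeRedirect(target, fallback = '/') {
  if (typeof target !== 'string' || /[\u0000-\u001f\u007f]/.test(target)) {
    return fallback;
  }
  let resolved;
  try {
    resolved = new URL(target, PORTAL_ORIGIN);
  } catch {
    return fallback; // unparsable input is never redirected to
  }
  if (resolved.origin !== PORTAL_ORIGIN) {
    return fallback;
  }
  return resolved.pathname + resolved.search + resolved.hash;
}

// Run over the constructed sample and a few ordinary values.
for (const t of [TAB_TARGET, '/web/guest/home?p=1', '//other.example/']) {
  console.log(JSON.stringify(t), '->', browserHost(t),
    '| naive accepts:', naiveIsLocalRedirect(t),
    '| hardened returns:', safeRedirect(t));
}
```

The weak check accepts the tab-containing value as a local path even though the client resolves it to another host; the hardened check falls back to "/".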
Severity
Severity 2
Fixed Version(s)
- Liferay Portal 7.3.1
- June 2020 source patch for Liferay Portal 7.2.1. Details for working with source patches can be found on the Patching Liferay Portal page.
- June 2020 source patch for Liferay Portal 7.1.3. Details for working with source patches can be found on the Patching Liferay Portal page.
Acknowledgments
This issue was reported by Jawwad Hussain.
Publication date: Tue, 09 Jun 2020 02:00:00 +0000