Open redirect vulnerability in the System Settings in Liferay Portal and Liferay DXP allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_configuration_admin_web_portlet_SystemSettingsPortlet_redirect parameter.

Open redirect vulnerability in the Instance Settings in Liferay Portal and Liferay DXP allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_configuration_admin_web_portlet_InstanceSettingsPortlet_redirect parameter.

Open redirect vulnerability in the Site Settings in Liferay Portal and Liferay DXP allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_site_admin_web_portlet_SiteSettingsPortlet_redirect parameter.