CST-7102 Open redirect vulnerability with Blogs RSS and tunnel-web

Description

An open redirect vulnerability exits with Blogs RSS and tunnel-web in Liferay Portal 7.1 CE GA1.

Severity

Severity 2

Fixed Version(s)

Acknowledgments

This issue was reported by Tiago Sintra

Publication date: Fri, 09 Nov 2018 08:42:00 +0000

Security advisories for Liferay's enterprise offerings (e.g., Liferay DXP) are only listed here since 2023. Historial advisories are availabe in the Help Center.