LPS-67679 Certain types of URL can bypass the portal's open redirect prevention

Description

The portal is vulnerable to open redirects for certain types of URLs. An attacker can potentially exploit this security vulnerability to mislead a user to different website.

Severity

Severity 2

Fixed Version(s)

Acknowledgments

This issue was reported by Galina Kovbasenko

Publication date: Tue, 23 Aug 2016 07:32:00 +0000

Security advisories for Liferay's enterprise offerings (e.g., Liferay DXP) are only listed here since 2023. Historial advisories are availabe in the Help Center.