Lucene search
PRIOn knowledge basePRION:CVE-2023-35029HistoryJun 15, 2023 - 4:15 a.m.
Open redirect
2023-06-1504:15:00
PRIOn knowledge base
www.prio-n.com
5
open redirect
liferay portal
liferay dxp
seo configuration
remote attackers
arbitrary external urls
vulnerability
Open redirect vulnerability in the Layout module’s SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dxp | eq | 7.4 update-71 | |
| dxp | eq | 7.4 update-72 | |
| dxp | eq | 7.4 update-73 | |
| dxp | eq | 7.4 update-74 | |
| dxp | eq | 7.4 update-75 | |
| dxp | eq | 7.4 update-76 | |
| dxp | eq | 7.4 update-70 | |
| liferay_portal | ge | 7.4.3.70 | |
| liferay_portal | lt | 7.4.3.77 |
Related
veracode
veracode
Open Redirect
2023-06-29 06:16:07
osv
osv
CVE-2023-35029
2023-06-15 04:15:34
cvelist
cvelist
CVE-2023-35029
2023-06-15 03:59:44
cve
cve
CVE-2023-35029
2023-06-15 04:15:34
nvd
nvd
CVE-2023-35029
2023-06-15 04:15:34
nessus
nessus
Liferay Portal CE 7.4.3.70 < x < 7.4.3.77 Multiple vulnerabilities
2023-06-22 00:00:00
Liferay DXP 7.4.13.70 < x < 7.4.13.77 Multiple vulnerabilities
2023-06-29 00:00:00