CVE-2023-5190
- Source
- https://cve.org/CVERecord?id=CVE-2023-5190
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-5190.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-5190
- Aliases
- Published
- 2024-02-20T06:15:07.680Z
- Modified
- 2026-05-28T04:09:12.563572035Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Open redirect vulnerability in the Countries Management’s edit region page in Liferay Portal 7.4.3.45 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 45 through 92 allows remote attackers to redirect users to arbitrary external URLs via the comliferayaddresswebinternalportletCountriesManagementAdminPortletredirect parameter.
- Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "7.4-update45" }, { "last_affected": "7.4-update46" }, { "last_affected": "7.4-update47" }, { "last_affected": "7.4-update48" }, { "last_affected": "7.4-update49" }, { "last_affected": "7.4-update50" }, { "last_affected": "7.4-update51" }, { "last_affected": "7.4-update52" }, { "last_affected": "7.4-update53" }, { "last_affected": "7.4-update54" }, { "last_affected": "7.4-update55" }, { "last_affected": "7.4-update56" }, { "last_affected": "7.4-update57" }, { "last_affected": "7.4-update58" }, { "last_affected": "7.4-update59" }, { "last_affected": "7.4-update60" }, { "last_affected": "7.4-update61" }, { "last_affected": "7.4-update62" }, { "last_affected": "7.4-update63" }, { "last_affected": "7.4-update64" }, { "last_affected": "7.4-update65" }, { "last_affected": "7.4-update66" }, { "last_affected": "7.4-update67" }, { "last_affected": "7.4-update68" }, { "last_affected": "7.4-update69" }, { "last_affected": "7.4-update70" }, { "last_affected": "7.4-update71" }, { "last_affected": "7.4-update72" }, { "last_affected": "7.4-update73" }, { "last_affected": "7.4-update74" }, { "last_affected": "7.4-update75" }, { "last_affected": "7.4-update76" }, { "last_affected": "7.4-update77" }, { "last_affected": "7.4-update78" }, { "last_affected": "7.4-update79" }, { "last_affected": "7.4-update80" }, { "last_affected": "7.4-update81" }, { "last_affected": "7.4-update82" }, { "last_affected": "7.4-update83" }, { "last_affected": "7.4-update84" }, { "last_affected": "7.4-update85" }, { "last_affected": "7.4-update86" }, { "last_affected": "7.4-update87" }, { "last_affected": "7.4-update88" }, { "last_affected": "7.4-update89" }, { "last_affected": "7.4-update90" }, { "last_affected": "7.4-update91" }, { "last_affected": "7.4-update92" }, { "last_affected": "2023.q3.0" }, { "last_affected": "2023.q3.1" }, { "last_affected": "2023.q3.2" }, { "last_affected": "2023.q3.3" }, { "last_affected": "2023.q3.4" }, { "last_affected": "2023.q3.5" } ], "cpes": [ "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.0:*:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.1:*:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.2:*:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.3:*:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.4:*:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:2023.q3.5:*:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update60:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update61:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update63:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update64:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update65:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update66:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update68:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update69:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*", "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*" ], "source": "CPE_STRING", "vendor_product": "liferay:digital_experience_platform" } ] }- References