CVE-2023-5190

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-5190
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-5190.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-5190
Published
2024-02-20T06:15:07Z
Modified
2025-01-29T03:38:23Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Open redirect vulnerability in the Countries Management’s edit region page in Liferay Portal 7.4.3.45 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 45 through 92 allows remote attackers to redirect users to arbitrary external URLs via the comliferayaddresswebinternalportletCountriesManagementAdminPortletredirect parameter.

References

Affected packages

Git / github.com/liferay/liferay-portal

Affected ranges

Type
GIT
Repo
https://github.com/liferay/liferay-portal
Events