Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Open redirect vulnerability in adaptive media administration page in Liferay DXP 2023.Q3 before patch 6, and 7.4 GA through update 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_adaptive_media_web_portlet_AMPortlet_redirect parameter.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Liferay DXP 安全漏洞
Vulnerability Description
Liferay DXP是美国Liferay公司的一套数字化体验协作平台。 Liferay DXP 存在安全漏洞,该漏洞源于存在开放重定向漏洞,允许远程攻击者通过 _com_liferay_adaptive_media_web_portlet_AMPortlet_redirect 参数将用户重定向到任意外部 URL。
CVSS Information
N/A
Vulnerability Type
N/A