CVE-2023-44308 Information

Description

Open redirect vulnerability in adaptive media administration page in Liferay DXP 2023.Q3 before patch 6 and 7.4 GA through update 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_adaptive_media_web_portlet_AMPortlet_redirect parameter.

Reference

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-44308