CVE-2025-43795
📋 TL;DR
This CVE describes an open redirect vulnerability in Liferay Portal and DXP that allows attackers to redirect users to malicious external websites. The vulnerability affects multiple settings pages (System, Instance, and Site Settings) via specific redirect parameters. Organizations running affected Liferay versions are vulnerable to phishing and social engineering attacks.
💻 Affected Systems
- Liferay Portal
- Liferay DXP
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Users could be redirected to phishing sites that steal credentials or deliver malware, potentially leading to account compromise, data theft, or ransomware infection.
Likely Case
Attackers use crafted links to redirect users to phishing pages, tricking them into entering credentials or downloading malicious content.
If Mitigated
With proper user awareness training and URL validation, impact is limited to potential trust erosion when users see unexpected redirects.
🎯 Exploit Status
Exploitation requires tricking users into clicking malicious links but is technically simple once the vulnerability is understood.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Liferay Portal 7.4.3.102+, Liferay DXP 2023.Q3.5+, 7.4 update 93+, 7.3 update 36+
Vendor Advisory: https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43795
Restart Required: No
Instructions:
1. Download the appropriate patch from Liferay's customer portal.
2. Apply the patch following Liferay's patch installation procedures.
3. Verify the fix by testing redirect functionality.
🔧 Temporary Workarounds
Input Validation Filter
Implement a servlet filter or security filter that validates and sanitizes redirect parameters before the portal acts on them.
URL Whitelist
Restrict redirect URLs to trusted domains only, through configuration or custom code.
🧯 If You Can't Patch
- Implement WAF rules to block requests whose redirect parameters point to external domains
- Educate users about phishing risks and not clicking suspicious links
🔍 How to Verify
Check if Vulnerable:
Test by accessing System, Instance, or Site Settings with a crafted redirect parameter pointing to an external domain and check whether the redirect occurs.
Check Version:
Check Liferay version via Control Panel → Configuration → Server Administration → System Information
Verify Fix Applied:
After patching, repeat the vulnerability test: valid redirects should still work, while redirects to external domains should be blocked or sanitized.
📡 Detection & Monitoring
Log Indicators:
- HTTP requests containing '_com_liferay_*_redirect' parameters with external URLs
- Unexpected redirect responses (302/301) to external domains
Network Indicators:
- Outbound connections to unexpected domains following Liferay access
SIEM Query:
web.url:*redirect* AND (web.url:*http://* OR web.url:*https://*) AND NOT web.url:*liferay*
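The two workaround sections above (input validation filter, URL whitelist) and the log indicators in this section both come down to one decision: does a redirect parameter point back into the portal or off-site? The following is an added example, not Liferay code or a Liferay API, showing that decision as an allowlist check and then applying it to access-log lines to surface '_com_liferay_*_redirect' parameters with external targets. The allowlisted host `portal.example.com`, the attacker host `evil.example`, the portlet id `EXAMPLE_PORTLET`, the client addresses and the log lines are all constructed for the example; the SIEM query above is the approximate equivalent of `find_external_redirects`.

```python
"""Added example (not Liferay's code): allowlist validation for redirect targets,
plus a scan of web-server access logs for '_com_liferay_*_redirect' parameters
that point off-site. Hosts, portlet name and log lines are constructed."""
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed allowlist: the portal's own host(s). Exact match only, so
# 'portal.example.com.evil.example' is not accepted.
ALLOWED_HOSTS = {"portal.example.com"}


def is_safe_redirect(target: str, allowed_hosts: set) -> bool:
    """Return True only for a same-site relative path or an http(s) URL whose
    host is on the allowlist. Apply it to the already URL-decoded parameter value."""
    if not target:
        return False
    # Browsers treat '\' like '/', so normalise before parsing; reject control
    # characters (CR/LF in a Location header would allow header injection).
    t = target.strip().replace("\\", "/")
    if any(ord(c) < 0x20 for c in t):
        return False
    parts = urlsplit(t)
    if parts.scheme == "" and parts.netloc == "":
        # Relative target: a single leading '/' only. '//host' is protocol-relative
        # and would leave the site, but urlsplit puts 'host' into netloc, so it
        # never reaches this branch.
        return t.startswith("/") and not t.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False  # javascript:, data:, and protocol-relative ('//host')
    # .hostname drops port and userinfo, so 'https://portal.example.com@evil.example'
    # resolves to evil.example here, not to the allowlisted name.
    host = (parts.hostname or "").lower().rstrip(".")
    return host in allowed_hosts


# Combined-log-format line; only the fields the scan needs are captured.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Liferay namespaces portlet parameters as _<portletId>_<name>; match any
# portlet's 'redirect' parameter (the '_com_liferay_*_redirect' indicator above).
REDIRECT_PARAM = re.compile(r"^_com_liferay_\w+_redirect$")


def find_external_redirects(log_lines, allowed_hosts):
    """Return one dict per request whose redirect parameter fails is_safe_redirect."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not an access-log line we understand
        query = urlsplit(m["target"]).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            if REDIRECT_PARAM.match(name) and not is_safe_redirect(value, allowed_hosts):
                hits.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"]),
                             "param": name, "value": value})
    return hits


# Constructed sample log. 'EXAMPLE_PORTLET' is a placeholder, not a real Liferay
# portlet id; 192.0.2.x / 198.51.100.x and evil.example are reserved documentation
# values; timestamps are arbitrary.
_P = "_com_liferay_EXAMPLE_PORTLET_redirect"
SAMPLE_LOG = [
    f'192.0.2.10 - - [10/Oct/2025:12:00:01 +0000] "GET /group/control_panel/manage?p_p_id=com_liferay_EXAMPLE_PORTLET&{_P}=https%3A%2F%2Fportal.example.com%2Fgroup%2Fcontrol_panel HTTP/1.1" 200 5123',
    f'198.51.100.7 - - [10/Oct/2025:12:00:09 +0000] "GET /group/control_panel/manage?p_p_id=com_liferay_EXAMPLE_PORTLET&{_P}=https%3A%2F%2Fevil.example%2Flogin HTTP/1.1" 302 0',
    f'198.51.100.9 - - [10/Oct/2025:12:00:15 +0000] "GET /group/control_panel/manage?p_p_id=com_liferay_EXAMPLE_PORTLET&{_P}=%2F%2Fevil.example%2F HTTP/1.1" 302 0',
    f'192.0.2.11 - - [10/Oct/2025:12:01:30 +0000] "GET /group/control_panel/manage?p_p_id=com_liferay_EXAMPLE_PORTLET&{_P}=%2Fgroup%2Fguest%2Fhome HTTP/1.1" 302 0',
    '192.0.2.12 - - [10/Oct/2025:12:02:00 +0000] "GET /c/portal/login HTTP/1.1" 200 1200',
]

if __name__ == "__main__":
    for hit in find_external_redirects(SAMPLE_LOG, ALLOWED_HOSTS):
        print(f'{hit["ts"]} {hit["ip"]} {hit["status"]} {hit["param"]}={hit["value"]}')
```

Run against the sample log, only the two requests whose redirect parameter leaves the portal (an absolute URL to `evil.example` and a protocol-relative `//evil.example/`) are reported; the same-site absolute URL and the relative path pass. In a real deployment the `is_safe_redirect` logic would live in the servlet filter from the workaround section and run on the decoded parameter value before Liferay issues the 302; the log scan is the retrospective check for traffic that reached an unpatched instance. Note that an exact-match host allowlist is deliberately strict: substring or prefix matching is what lets `portal.example.com.evil.example` or `portal.example.com@evil.example` through.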