CVE-2025-62253
📋 TL;DR
This open redirect vulnerability in Liferay Portal and DXP allows attackers to redirect authenticated users to malicious external websites by manipulating the redirect parameter in page administration. It affects users with page administration access in vulnerable versions. The vulnerability enables phishing attacks and credential theft through trusted-looking redirects.
💻 Affected Systems
- Liferay Portal
- Liferay DXP
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers could redirect authenticated administrators to phishing sites that steal credentials, leading to full system compromise and data exfiltration.
Likely Case
Phishing attacks where users are redirected to malicious sites that mimic legitimate services to steal credentials or deliver malware.
If Mitigated
Limited impact if proper URL validation and user education about suspicious redirects are in place.
🎯 Exploit Status
Exploitation requires authenticated access to page administration. The vulnerability is in the redirect parameter handling.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Liferay Portal 7.4.3.98+, Liferay DXP 2023.Q4.1+, 2023.Q3.5+, 7.4 update 93+, 7.3 update 36+
Vendor Advisory: https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-62253
Restart Required: No
Instructions:
1. Download the appropriate patch from Liferay's customer portal.
2. Apply the patch according to Liferay's patching documentation.
3. Verify the fix by testing the redirect functionality.
🔧 Temporary Workarounds
Input Validation Filter
Implement a servlet filter or security filter that validates and sanitizes redirect URLs, rejecting external URLs in the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect parameter.
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to block requests containing external URLs in the redirect parameter.
- Restrict access to page administration functionality to only trusted users and monitor for suspicious redirect patterns.
🔍 How to Verify
Check if Vulnerable:
Test by accessing page administration and attempting to set the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect parameter to an external URL like https://evil.com.
Check Version:
Check Liferay version via Control Panel → Server Administration → System Information, or examine liferay-portal.xml version property.
Verify Fix Applied:
After patching, repeat the test; the system should reject external URLs or redirect to a safe internal page.
📡 Detection & Monitoring
Log Indicators:
- Log entries showing redirects to external domains from page administration requests
- Unusual redirect patterns in access logs
Network Indicators:
- Outbound HTTP requests to suspicious domains following page administration access
SIEM Query:
source="liferay-logs" AND (url:*redirect* AND url:*http* AND NOT url:*liferay*)
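The filter workaround above and the log indicators in this section both reduce to one question: does the redirect parameter point back at the portal itself? The following is an added example, not Liferay code: it implements that check in Python and runs it over constructed access-log lines. The parameter name is the one from the advisory; portal.example.com, the request path and the log lines are assumptions.

```python
# Added example, not Liferay code. PARAM is from the advisory; TRUSTED_HOSTS,
# the request path and the sample log lines below are constructed assumptions.
import re
from urllib.parse import parse_qs, unquote, urlsplit

PARAM = "_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect"
TRUSTED_HOSTS = {"portal.example.com"}  # assumption: the portal's own host(s)

def is_safe_redirect(target: str) -> bool:
    """True only for a site-relative path or an absolute URL on a trusted host.
    Rejects other hosts, protocol-relative "//host", the backslash form "/\\host"
    (browsers normalise it to "//host"), userinfo tricks like "https://ok@evil",
    and non-http(s) schemes; one extra decode also catches "%252F%252F"."""
    t = unquote(target).strip().replace("\\", "/")
    if not t or t.startswith("//"):
        return False
    parts = urlsplit(t)
    if parts.scheme:
        if parts.scheme not in ("http", "https"):
            return False
        return parts.hostname in TRUSTED_HOSTS  # hostname, not raw netloc
    return t.startswith("/") and parts.netloc == ""

LOG_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def flag_external_redirects(log_lines):
    """Return (line_no, decoded target) for each request with an unsafe redirect."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = LOG_RE.search(line)
        if not m:
            continue
        for target in parse_qs(urlsplit(m.group(1)).query).get(PARAM, []):
            if not is_safe_redirect(target):
                hits.append((n, target))
    return hits

# Constructed sample access-log lines (not taken from any real system).
_REQ = "/group/guest/~/control_panel/manage?p_p_id=GroupPagesPortlet&"
SAMPLE_LOG = [
    f'10.0.0.5 - admin [01/Jan/2025:10:00:00 +0000] "GET {_REQ}{PARAM}={v} HTTP/1.1" 200 512'
    for v in ("%2Fgroup%2Fguest%2Fhome",                         # internal: safe
              "https%3A%2F%2Fevil.com%2Flogin",                  # external URL
              "%2F%2Fevil.com",                                  # protocol-relative
              "%2F%5Cevil.com",                                  # backslash variant
              "https%3A%2F%2Fportal.example.com%2Fweb%2Fguest")  # own host: safe
]

if __name__ == "__main__":
    for n, target in flag_external_redirects(SAMPLE_LOG):
        print(f"line {n}: unsafe redirect target {target!r}")
```

A servlet filter applying the workaround would run the same is_safe_redirect test on the parameter before the portal issues the redirect, and a SIEM rule would alert on what flag_external_redirects reports.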