The CVE-2025-21790 vulnerability is an open redirect flaw within the Liferay Portal’s page administration interface. It specifically exists in the `GroupPagesPortlet` component. The vulnerability is triggered via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect` parameter. An attacker can craft a malicious URL containing this parameter with a manipulated value pointing to an external, attacker-controlled domain. When an authenticated user clicks this link, the application processes the request and performs a redirect to the URL specified in the parameter without proper validation. This lack of sanitization for the redirect parameter allows the redirection to occur to any arbitrary external site, facilitating phishing attacks by making a malicious link appear to originate from a trusted Liferay domain.
Platform: Liferay Portal/DXP
Version: 7.4.0-7.4.3.97
Vulnerability: Open Redirect
Severity: Moderate
Date: 2025-10-27
Prediction: 2025-11-17
What Undercode Says:
curl -s "http://vulnerable-liferay.com/group/control_panel/manage?p_p_id=com_liferay_layout_admin_web_portlet_GroupPagesPortlet&_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect=http://malicious.site/phishing"
// Example vulnerable parameter processing: the redirect target is read straight
// from the request and handed to sendRedirect without any scheme or host check.
import com.liferay.portal.kernel.util.ParamUtil;

String redirect = ParamUtil.getString(
    actionRequest, "_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect");
response.sendRedirect(redirect); // Unsanitized redirect: any external URL reaches the Location header
How to Exploit:
1. Attacker crafts malicious URL.
2. Tricks user into clicking.
3. User redirected to phishing site.
Protection from this CVE
Upgrade to patched version.
Implement redirect allow-lists.
Validate all redirect URLs.
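As an added example (not Liferay's code and not from the original post), this is what the allow-list and validation advice above looks like applied to the redirect parameter from the request shown earlier: only a same-site path or an https URL to an allow-listed host is honoured, and everything else falls back to a fixed page. The host names, the fallback path and the class name are constructed for the example; in a real deployment Liferay's own `PortalUtil.escapeRedirect` and the `redirect.url.*` portal properties implement this policy, so the patched release should be used rather than hand-rolled code.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

// Added example, not Liferay's code: hardened handling of a redirect parameter.
public final class SafeRedirect {
    // Hosts this portal may send users to (constructed values for the example).
    private static final Set<String> ALLOWED_HOSTS = Set.of("portal.example.com", "sso.example.com");
    // Landing page used whenever the supplied target is rejected.
    private static final String FALLBACK = "/group/control_panel/manage";

    // Returns the supplied target only if it is a same-site path or an https URL
    // to an allow-listed host; every other value is replaced by FALLBACK.
    public static String resolve(String candidate) {
        if (candidate == null || candidate.isBlank()) return FALLBACK;
        String value = candidate.trim();
        // "//evil.site" and backslash variants are absolute to a browser despite looking like paths.
        if (value.startsWith("//") || value.startsWith("/\\") || value.startsWith("\\")) return FALLBACK;
        URI uri;
        try {
            uri = new URI(value);
        } catch (URISyntaxException e) {
            return FALLBACK; // malformed input (raw CR/LF, spaces, ...) never reaches the Location header
        }
        if (uri.getScheme() == null && uri.getRawAuthority() == null) {
            // No scheme and no host: a plain path, accepted only when rooted at "/".
            return value.startsWith("/") ? value : FALLBACK;
        }
        // Absolute URL: require https, forbid userinfo ("https://portal.example.com@evil.site"
        // parses with host evil.site) and check the host against the allow-list.
        if (!"https".equalsIgnoreCase(uri.getScheme()) || uri.getRawUserInfo() != null) return FALLBACK;
        String host = uri.getHost();
        if (host == null || !ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT))) return FALLBACK;
        return value;
    }

    public static void main(String[] args) {
        String[] inputs = {
            "http://malicious.site/phishing",            // value from the curl request above -> FALLBACK
            "//malicious.site/phishing",                 // protocol-relative -> FALLBACK
            "https://portal.example.com@malicious.site", // userinfo trick -> FALLBACK
            "/group/guest/home?p_p_id=x",                // same-site path -> kept
            "https://sso.example.com/login"              // allow-listed host -> kept
        };
        for (String in : inputs) System.out.println(in + " -> " + resolve(in));
    }
}
```

The same check belongs in the portlet's action handler before `sendRedirect`, and the fallback should be logged so that rejected targets show up in detection data.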
Impact:
Phishing attacks
User trust abuse
Credential theft
Sources:
Reported By: github.com
Extra Source Hub:
Undercode