High severity7.5NVD Advisory· Published Sep 1, 2020· Updated Jun 17, 2026
CVE-2020-24554
CVE-2020-24554
Description
The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded, which allows remote attackers to perform a denial of service attack by making repeated requests for pages that do not exist.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.liferay.portal:release.portal.bomMaven | < 7.3.3 | 7.3.3 |
Affected products
2- Liferay/Portaldescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-mg53-xr8m-86hwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-24554ghsaADVISORY
- portal.liferay.dev/learn/security/known-vulnerabilitiesnvdVendor AdvisoryWEB
- portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119784956nvdVendor AdvisoryWEB
News mentions
0No linked articles in our index yet.