Critical severityNVD Advisory· Published Oct 17, 2023· Updated Sep 13, 2024
CVE-2023-44311
CVE-2023-44311
Description
Multiple reflected cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's OAuth2ProviderApplicationRedirect class in Liferay Portal 7.4.3.41 through 7.4.3.89, and Liferay DXP 7.4 update 41 through update 89 allow remote attackers to inject arbitrary web script or HTML via the (1) code, or (2) error parameter. This issue is caused by an incomplete fix in CVE-2023-33941.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.liferay:com.liferay.oauth2.provider.restMaven | < 4.0.51 | 4.0.51 |
com.liferay.portal:release.dxp.bomMaven | >= 7.4.13.u41, < 7.4.13.u90 | 7.4.13.u90 |
Affected products
2- Liferay/DXPv5Range: 7.4.13.u41
Patches
1c07e48d9f489LPS-191293 Escape oauth2 redirect request param
1 file changed · +2 −1
modules/apps/oauth2-provider/oauth2-provider-rest/src/main/java/com/liferay/oauth2/provider/rest/internal/endpoint/redirect/OAuth2ProviderApplicationRedirect.java+2 −1 modified@@ -6,6 +6,7 @@ package com.liferay.oauth2.provider.rest.internal.endpoint.redirect; import com.liferay.petra.string.StringBundler; +import com.liferay.portal.kernel.util.HtmlUtil; import javax.ws.rs.DefaultValue; import javax.ws.rs.Encoded; @@ -42,7 +43,7 @@ public Response redirect( StringBundler.concat( "<html><head><title>Liferay OAuth2 Redirect</title></head>", "<body><script type=\"text/javascript\">window.postMessage(", - "{code: \"", code, "\", error: \"", error, + "{code: \"", HtmlUtil.escape(code), "\", error: \"", error, "\"}, document.location.href);</script></body></html>") ).build(); }
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- github.com/advisories/GHSA-49gm-5685-8fxvghsaADVISORY
- liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-44311ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-44311ghsaADVISORY
- github.com/liferay/liferay-portal/commit/c07e48d9f489b24e97e71139ac5aa7ef339d9ee9ghsaWEB
- liferay.atlassian.net/browse/LPE-17804ghsaWEB
- liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-44311ghsaWEB
News mentions
0No linked articles in our index yet.