Fri, 09 Nov 2018 08:42:00 +0000
CST-7102 Open redirect vulnerability with Blogs RSS and tunnel-web
An open redirect vulnerability exits with Blogs RSS and tunnel-web in Liferay Portal 7.1 CE GA1.
There is no patch available for Liferay Portal 7.1 CE GA1. Instead, users should upgrade to Liferay Portal 7.1 CE GA2 (7.1.1) or later to fix this issue.