
CVE-2025-43767: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in Liferay Portal

Severity: Medium
Tags: vulnerability, cve-2025-43767, cwe-601
Published: Sat Aug 23 2025 (08/23/2025, 03:41:34 UTC)
Source: CVE Database V5
Vendor/Project: Liferay
Product: Portal

Description

Open Redirect vulnerability in /c/portal/edit_info_item parameter redirect in Liferay Portal 7.4.3.86 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site.

AI-Powered Analysis

Last updated: 08/23/2025, 04:02:46 UTC

Technical Analysis

CVE-2025-43767 is an Open Redirect vulnerability (CWE-601) in Liferay Portal 7.4.3.86 through 7.4.3.131, Liferay DXP 2024.Q1 through 2024.Q3 (2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.12), and Liferay 7.4 update 86 through update 92. The flaw is in the /c/portal/edit_info_item endpoint, whose 'redirect' parameter is neither validated nor restricted to trusted destinations, so an attacker can craft a URL on the legitimate portal host that sends the user to an arbitrary external site such as a phishing page or a malware distribution point. The CVSS 4.0 base score is 5.1 (medium severity): the issue is remotely exploitable without authentication or privileges, but it requires user interaction (clicking the crafted link). The impact on confidentiality and integrity is limited, and the impact on availability is negligible. No exploitation in the wild has been reported, and no patch links are included in the source data, so remediation may still be pending or in progress. In practice the vulnerability supports social engineering: it borrows the trust users place in the legitimate Liferay Portal domain to deliver them to a malicious destination.

Potential Impact

For European organizations using Liferay Portal, this vulnerability poses a significant risk primarily in the form of phishing and social engineering attacks. Attackers can exploit the open redirect to craft URLs that appear to originate from a trusted corporate portal, increasing the likelihood that users will follow malicious links. This can lead to credential theft, malware infections, or unauthorized access to sensitive information if users are redirected to fake login pages or exploit sites. The impact is particularly concerning for sectors with high reliance on Liferay Portal for internal or customer-facing services, such as government agencies, financial institutions, and large enterprises. While the vulnerability itself does not directly compromise system integrity or availability, the secondary effects of successful phishing campaigns can lead to data breaches, financial fraud, and reputational damage. Additionally, the ease of exploitation without authentication and the widespread use of Liferay in Europe amplify the potential risk.

Mitigation Recommendations

Organizations should immediately review their Liferay Portal deployments and determine whether they are running affected versions. Although no patch links are provided, it is critical to monitor Liferay's official security advisories and apply vendor-released patches as soon as they become available. In the interim, administrators can enforce strict input validation and URL allow-listing on the 'redirect' parameter so that only trusted internal URLs are accepted. Web Application Firewalls (WAFs) can be configured to detect and block suspicious redirect attempts. User awareness training should be reinforced so that employees understand the risk of clicking unexpected links, even ones that appear to come from a trusted portal. Organizations should also audit their public-facing URLs and communications to minimize exposure to crafted malicious links. Logging and monitoring of redirect parameter usage can help detect exploitation attempts early.
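As an added example, not code from this page, from Liferay, or from any vendor fix, the Python below shows the two interim measures just described: a strict allow-list check for a redirect parameter value, and a scan over web-server access-log lines that flags requests to the affected endpoint whose redirect value points outside the allow-list. Only the endpoint path (/c/portal/edit_info_item) and the parameter name ('redirect') come from the advisory; the allowed host name, the client addresses and the log lines are constructed placeholders, and the validator is a generic check rather than Liferay's own implementation. It goes slightly beyond the text in that it also rejects the usual ways a naive redirect filter is bypassed (protocol-relative "//host" values, backslashes, non-http schemes and "user@host" userinfo tricks), because an allow-list that misses those gives little protection.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed allow-list: the portal's own host name(s). Placeholder value.
ALLOWED_HOSTS = {"portal.example.org"}

# Endpoint named in the advisory; the affected parameter is "redirect".
AFFECTED_PATH = "/c/portal/edit_info_item"


def is_safe_redirect(value, allowed_hosts=ALLOWED_HOSTS):
    """Return True only if `value` is a site-local path or an absolute
    http(s) URL whose host is on the allow-list.

    The check is deliberately strict: anything ambiguous is rejected
    rather than repaired, since a redirect target that is refused costs
    the user one extra click, while one that is wrongly accepted is the
    open redirect itself.
    """
    if not value:
        return False
    candidate = unquote(value).strip()
    # Backslashes (treated as slashes by browsers) and control characters
    # have no place in a redirect target.
    if any(ch in candidate for ch in "\\\r\n\t\x00"):
        return False
    try:
        parts = urlsplit(candidate)
    except ValueError:  # e.g. malformed IPv6 brackets
        return False
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False
    if parts.netloc:
        # .hostname is lower-cased and stripped of userinfo and port, so
        # "https://portal.example.org@evil.example/" resolves to evil.example.
        return parts.hostname in allowed_hosts
    if parts.scheme:
        # "https:evil.example" / "https:///evil.example": scheme present but
        # no authority; browsers invent a host, so refuse the value.
        return False
    # Relative target: require exactly one leading slash (no "//host" form).
    return candidate.startswith("/") and not candidate.startswith("//")


# Constructed access-log lines in Apache/Tomcat "combined" style. None of
# the addresses or host names are real.
SAMPLE_LOG_LINES = [
    '10.0.0.5 - - [23/Aug/2025:03:41:34 +0000] "GET /c/portal/edit_info_item'
    '?redirect=%2Fweb%2Fguest HTTP/1.1" 302 -',
    '10.0.0.9 - - [23/Aug/2025:03:42:10 +0000] "GET /c/portal/edit_info_item'
    '?redirect=https%3A%2F%2Fevil.example%2Flogin HTTP/1.1" 302 -',
    '10.0.0.9 - - [23/Aug/2025:03:42:11 +0000] "GET /c/portal/edit_info_item'
    '?redirect=%2F%2Fevil.example%2F HTTP/1.1" 302 -',
    '10.0.0.6 - - [23/Aug/2025:03:42:40 +0000] "GET /c/portal/edit_info_item'
    '?redirect=https%3A%2F%2Fportal.example.org%2Fweb%2Fguest HTTP/1.1" 302 -',
    '10.0.0.7 - - [23/Aug/2025:03:43:00 +0000] "GET /web/guest/home'
    ' HTTP/1.1" 200 1234',
]

# Pulls the request-target out of the quoted request line.
_REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<uri>\S+) HTTP/[\d.]+"')


def find_external_redirects(log_lines, allowed_hosts=ALLOWED_HOSTS,
                            path=AFFECTED_PATH):
    """Return (client_ip, redirect_value) for every request to `path` whose
    redirect parameter fails is_safe_redirect(). Feed the result to alerting."""
    hits = []
    for line in log_lines:
        match = _REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group("uri"))
        if parts.path != path:
            continue
        client_ip = line.split(" ", 1)[0]
        # parse_qs percent-decodes each value once, as the servlet would.
        for value in parse_qs(parts.query).get("redirect", []):
            if not is_safe_redirect(value, allowed_hosts):
                hits.append((client_ip, value))
    return hits


if __name__ == "__main__":
    for ip, target in find_external_redirects(SAMPLE_LOG_LINES):
        print(f"suspicious redirect from {ip}: {target}")
```

The same allow-list logic can be expressed as a WAF rule on the query parameter; the log scan is the retrospective counterpart for deployments that cannot yet change the application. If absolute URLs are never needed, the simplest hardening is to accept only values that pass the final relative-path test and drop the host allow-list entirely.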


Technical Details

Data Version: 5.1
Assigner Short Name: Liferay
Date Reserved: 2025-04-17T10:55:26.804Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68a939e3ad5a09ad00267457

Added to database: 8/23/2025, 3:47:47 AM

Last enriched: 8/23/2025, 4:02:46 AM

Last updated: 8/23/2025, 4:02:46 AM

