HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect. This vulnerability is the result of an incomplete fix in CVE-2022-28977.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Liferay
Liferay digital Experience Platform Liferay liferay Portal |
|
CPEs | cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_17:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_18:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_1:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_2:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_4:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_5:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_6:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:* cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Liferay
Liferay digital Experience Platform Liferay liferay Portal |
MITRE
Status: PUBLISHED
Assigner: Liferay
Published: 2024-02-20T09:37:55.362Z
Updated: 2024-08-23T19:19:20.308Z
Reserved: 2024-02-08T13:57:11.426Z
Link: CVE-2024-25609
Vulnrichment
Updated: 2024-08-01T23:44:09.679Z
NVD
Status : Analyzed
Published: 2024-02-20T10:15:08.707
Modified: 2024-12-11T17:55:21.677
Link: CVE-2024-25609
Redhat
No data.