First published: Tue Feb 20 2024(Updated: )
HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect. This vulnerability is the result of an incomplete fix in CVE-2022-28977.
Credit: security@liferay.com
Affected Software | Affected Version | How to fix |
---|---|---|
Liferay Digital Experience Platform | <7.2 | |
Liferay Digital Experience Platform | =7.2 | |
Liferay Digital Experience Platform | =7.2-fix_pack_1 | |
Liferay Digital Experience Platform | =7.2-fix_pack_10 | |
Liferay Digital Experience Platform | =7.2-fix_pack_11 | |
Liferay Digital Experience Platform | =7.2-fix_pack_12 | |
Liferay Digital Experience Platform | =7.2-fix_pack_13 | |
Liferay Digital Experience Platform | =7.2-fix_pack_14 | |
Liferay Digital Experience Platform | =7.2-fix_pack_15 | |
Liferay Digital Experience Platform | =7.2-fix_pack_16 | |
Liferay Digital Experience Platform | =7.2-fix_pack_17 | |
Liferay Digital Experience Platform | =7.2-fix_pack_18 | |
Liferay Digital Experience Platform | =7.2-fix_pack_2 | |
Liferay Digital Experience Platform | =7.2-fix_pack_3 | |
Liferay Digital Experience Platform | =7.2-fix_pack_4 | |
Liferay Digital Experience Platform | =7.2-fix_pack_5 | |
Liferay Digital Experience Platform | =7.2-fix_pack_6 | |
Liferay Digital Experience Platform | =7.2-fix_pack_7 | |
Liferay Digital Experience Platform | =7.2-fix_pack_8 | |
Liferay Digital Experience Platform | =7.2-fix_pack_9 | |
Liferay Digital Experience Platform | =7.2-service_pack_1 | |
Liferay Digital Experience Platform | =7.2-service_pack_2 | |
Liferay Digital Experience Platform | =7.2-service_pack_3 | |
Liferay Digital Experience Platform | =7.2-service_pack_4 | |
Liferay Digital Experience Platform | =7.2-service_pack_5 | |
Liferay Digital Experience Platform | =7.2-service_pack_6 | |
Liferay Digital Experience Platform | =7.3-service_pack_3 | |
Liferay Digital Experience Platform | =7.4 | |
Liferay Digital Experience Platform | =7.4-update1 | |
Liferay Digital Experience Platform | =7.4-update2 | |
Liferay Digital Experience Platform | =7.4-update3 | |
Liferay Digital Experience Platform | =7.4-update4 | |
Liferay Digital Experience Platform | =7.4-update5 | |
Liferay Digital Experience Platform | =7.4-update6 | |
Liferay Digital Experience Platform | =7.4-update7 | |
Liferay Digital Experience Platform | =7.4-update8 | |
Liferay Liferay Portal | <7.4.3.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.