6 matches found
EUVD-2024-22932
Malicious code in bioql PyPI...
CVE-2022-28977
HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users t...
CVE-2022-28977
creationtimestamp| type| source ---|---|--- 2022-09-22 07:11:43+00:00| seen| https://t.me/cibsecurity/50250 2024-02-21 07:36:43+00:00| seen| https://t.me/arpsyndicate/3734 2025-05-27 16:53:05+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17674...
CVE-2022-28977
HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users t...
CVE-2022-28977
HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users t...
CVE-2022-28977
CVE-2022-28977 involves HtmlUtil.escapeRedirect in Liferay Portal and Liferay DXP where an attacker can bypass the redirect protection by using multiple forward slashes to redirect users to arbitrary external URLs via parameters such as redirect and FORWARD_URL. Affected versions include Liferay ...