HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect. This vulnerability is the result of an incomplete fix in CVE-2022-28977.
References
Configurations
Configuration 1 (hide)
|
History
11 Dec 2024, 17:55
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:* cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_6:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_5:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_18:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_1:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_2:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_4:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_17:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:* cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:* |
|
| First Time |
Liferay digital Experience Platform
Liferay liferay Portal Liferay |
|
| CWE | CWE-601 | |
| References | () https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25609 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
20 Feb 2024, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-20 10:15
Updated : 2024-12-11 17:55
NVD link : CVE-2024-25609
Mitre link : CVE-2024-25609
JSON object : View
Products Affected
liferay
- digital_experience_platform
- liferay_portal
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')