CVE-2022-28977 Information

Description

HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2 and Liferay DXP 7.0 fix pack 91 through 101 7.1 fix pack 17 through 25 7.2 fix pack 5 through 14 and 7.3 before service pack 3 can be circumvented by using multiple forward slashes which allows remote attackers to redirect users to arbitrary external URLs via the (1) ‘redirectparameter (2)FORWARD_URL` parameter and (3) others parameters that rely on HtmlUtil.escapeRedirect.

Reference

https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28977-htmlutil.escaperedirect-circumvention-with-multiple-forward-slash http://liferay.com