Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 13 May 2026 23:18:45 +0000 1b683ee8-d653-4214-ac3d-4c60fe696268 https://db.gcve.eu/sighting/1b683ee8-d653-4214-ac3d-4c60fe696268/export {"uuid": "1b683ee8-d653-4214-ac3d-4c60fe696268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28977", "type": "seen", "source": "https://t.me/cibsecurity/50250", "content": "\u203c CVE-2022-28977 \u203c\n\nHtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T07:11:43.000000Z"} {"uuid": "1b683ee8-d653-4214-ac3d-4c60fe696268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28977", "type": "seen", "source": "https://t.me/cibsecurity/50250", "content": "\u203c CVE-2022-28977 \u203c\n\nHtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T07:11:43.000000Z"} https://db.gcve.eu/sighting/1b683ee8-d653-4214-ac3d-4c60fe696268/export Thu, 22 Sep 2022 07:11:43 +0000 7a3f6e4a-f3c9-435e-8834-cbba469d0070 https://db.gcve.eu/sighting/7a3f6e4a-f3c9-435e-8834-cbba469d0070/export {"uuid": "7a3f6e4a-f3c9-435e-8834-cbba469d0070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28977", "type": "seen", "source": "https://t.me/arpsyndicate/3734", "content": "#ExploitObserverAlert\n\nCVE-2024-25609\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25609. HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect. This vulnerability is the result of an incomplete fix in CVE-2022-28977.", "creation_timestamp": "2024-02-21T07:36:43.000000Z"} {"uuid": "7a3f6e4a-f3c9-435e-8834-cbba469d0070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28977", "type": "seen", "source": "https://t.me/arpsyndicate/3734", "content": "#ExploitObserverAlert\n\nCVE-2024-25609\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25609. HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect. This vulnerability is the result of an incomplete fix in CVE-2022-28977.", "creation_timestamp": "2024-02-21T07:36:43.000000Z"} https://db.gcve.eu/sighting/7a3f6e4a-f3c9-435e-8834-cbba469d0070/export Wed, 21 Feb 2024 07:36:43 +0000 9c9bb4b7-b11b-44f3-99cc-5d2f70d4b211 https://db.gcve.eu/sighting/9c9bb4b7-b11b-44f3-99cc-5d2f70d4b211/export {"uuid": "9c9bb4b7-b11b-44f3-99cc-5d2f70d4b211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28977", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17674", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-28977\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect.\n\ud83d\udccf Published: 2022-09-22T00:02:08.000Z\n\ud83d\udccf Modified: 2025-05-27T16:00:50.051Z\n\ud83d\udd17 References:\n1. http://liferay.com\n2. https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28977-htmlutil.escaperedirect-circumvention-with-multiple-forward-slash", "creation_timestamp": "2025-05-27T16:53:05.000000Z"} {"uuid": "9c9bb4b7-b11b-44f3-99cc-5d2f70d4b211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28977", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17674", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-28977\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect.\n\ud83d\udccf Published: 2022-09-22T00:02:08.000Z\n\ud83d\udccf Modified: 2025-05-27T16:00:50.051Z\n\ud83d\udd17 References:\n1. http://liferay.com\n2. https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28977-htmlutil.escaperedirect-circumvention-with-multiple-forward-slash", "creation_timestamp": "2025-05-27T16:53:05.000000Z"} https://db.gcve.eu/sighting/9c9bb4b7-b11b-44f3-99cc-5d2f70d4b211/export Tue, 27 May 2025 16:53:05 +0000