{
  "vulnerability": "CVE-2022-2897",
  "sightings": [
    {
      "uuid": "9c9bb4b7-b11b-44f3-99cc-5d2f70d4b211",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28977",
      "type": "published-proof-of-concept",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/17674",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-28977\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect.\n\ud83d\udccf Published: 2022-09-22T00:02:08.000Z\n\ud83d\udccf Modified: 2025-05-27T16:00:50.051Z\n\ud83d\udd17 References:\n1. http://liferay.com\n2. https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28977-htmlutil.escaperedirect-circumvention-with-multiple-forward-slash",
      "creation_timestamp": "2025-05-27T16:53:05.000000Z"
    },
    {
      "uuid": "7a3f6e4a-f3c9-435e-8834-cbba469d0070",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28977",
      "type": "seen",
      "source": "https://t.me/arpsyndicate/3734",
      "content": "#ExploitObserverAlert\n\nCVE-2024-25609\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25609. HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect. This vulnerability is the result of an incomplete fix in CVE-2022-28977.",
      "creation_timestamp": "2024-02-21T07:36:43.000000Z"
    },
    {
      "uuid": "7a184ba1-24c0-4731-b643-745b60c38837",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28975",
      "type": "seen",
      "source": "https://t.me/ctinow/174079",
      "content": "https://ift.tt/E75ZQlq\nCVE-2022-28975 | Infoblox NIOS 8.5.2-409296 VLAN View Name cross site scripting",
      "creation_timestamp": "2024-01-26T09:41:47.000000Z"
    },
    {
      "uuid": "c511db6c-21ad-4be9-981a-c21199e6ae3e",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28975",
      "type": "seen",
      "source": "https://t.me/ctinow/165057",
      "content": "https://ift.tt/QCmeMaV\nCVE-2022-28975",
      "creation_timestamp": "2024-01-09T15:26:58.000000Z"
    },
    {
      "uuid": "1b683ee8-d653-4214-ac3d-4c60fe696268",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28977",
      "type": "seen",
      "source": "https://t.me/cibsecurity/50250",
      "content": "\u203c CVE-2022-28977 \u203c\n\nHtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2022-09-22T07:11:43.000000Z"
    },
    {
      "uuid": "c5ce0825-b495-4adc-a965-62a0b5790a0a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28978",
      "type": "seen",
      "source": "https://t.me/cibsecurity/50253",
      "content": "\u203c CVE-2022-28978 \u203c\n\nStored cross-site scripting (XSS) vulnerability in the Site module's user membership administration page in Liferay Portal 7.0.1 through 7.4.1, and Liferay DXP 7.0 before fix pack 102, 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the a user's name.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2022-09-22T07:11:49.000000Z"
    },
    {
      "uuid": "6a85a123-32f8-4c03-82a2-902a13aeaee8",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28979",
      "type": "seen",
      "source": "https://t.me/cibsecurity/50248",
      "content": "\u203c CVE-2022-28979 \u203c\n\nLiferay Portal v7.1.0 through v7.4.2 and Liferay DXP v7.3 before service pack 3 was discovered to contain a cross-site scripting (XSS) vulnerability in the Portal Search module's Custom Facet widget. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Parameter Name text field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2022-09-22T07:11:42.000000Z"
    },
    {
      "uuid": "2250c4a8-844b-42e1-b13c-0ee78c4af3ae",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28973",
      "type": "seen",
      "source": "https://t.me/cibsecurity/42109",
      "content": "\u203c CVE-2022-28973 \u203c\n\nTenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2022-05-06T18:27:50.000000Z"
    },
    {
      "uuid": "5a098342-bf9d-4c60-b075-32f7e0b4e4ee",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28972",
      "type": "seen",
      "source": "https://t.me/cibsecurity/42107",
      "content": "\u203c CVE-2022-28972 \u203c\n\nTenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2022-05-06T18:27:49.000000Z"
    },
    {
      "uuid": "2f163012-60a5-4e0f-99e8-718721abd78c",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28970",
      "type": "seen",
      "source": "https://t.me/cibsecurity/42106",
      "content": "\u203c CVE-2022-28970 \u203c\n\nTenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2022-05-06T18:27:45.000000Z"
    },
    {
      "uuid": "b64e67c1-1c1b-4a43-a32f-7ec627dafee2",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-2897",
      "type": "seen",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/12124",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2897\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..\n\ud83d\udccf Published: 2022-08-31T20:54:55.020Z\n\ud83d\udccf Modified: 2025-04-16T17:48:20.720Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06",
      "creation_timestamp": "2025-04-16T17:56:59.000000Z"
    },
    {
      "uuid": "a630d12f-85fa-4d3c-a843-638d47fa9ea6",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28975",
      "type": "published-proof-of-concept",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/18801",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-28975\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.\n\ud83d\udccf Published: 2024-01-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-18T16:55:58.687Z\n\ud83d\udd17 References:\n1. http://infoblox.com\n2. https://piotrryciak.com/posts/xss-infoblox/",
      "creation_timestamp": "2025-06-18T17:39:07.000000Z"
    },
    {
      "uuid": "b457bcda-b6b0-4a26-b114-f1a544849b96",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28975",
      "type": "seen",
      "source": "https://t.me/ctinow/167588",
      "content": "https://ift.tt/swz4fFS\nCVE-2022-28975 Exploit",
      "creation_timestamp": "2024-01-12T23:16:30.000000Z"
    },
    {
      "uuid": "16c1da91-cec5-40ff-ac56-09de9a9a4e52",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "2a075640-a300-48a4-bb44-bc6130783b9b",
      "vulnerability": "CVE-2022-28971",
      "type": "seen",
      "source": "https://t.me/cibsecurity/42111",
      "content": "\u203c CVE-2022-28971 \u203c\n\nTenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2022-05-06T18:27:52.000000Z"
    }
  ]
}