Skip to main content
U.S. flag

An official website of the United States government Pages Fix CVE-2022-28923

March 08, 2023

On Tuesday March 7th, 2023, we received reports that Pages sites were susceptible to an open redirection vulnerability which could allow a nefarious actor to redirect users to phishing websites via crafted URLs. You can read about the NIST CVE-2022-28923 for more information. After verifying the reports, we released an update to our proxy in the afternoon of Tuesday March 7th, 2023 to handle any nefarious URL’s with a 404 response. We also invalidated the CDN caches on customer’s production domains to remove any potentially cached redirects.