The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Cloud.gov Pages Fix CVE-2022-28923

March 8, 2023

On Tuesday March 7th, 2023, we received reports that cloud.gov Pages sites were susceptible to an open redirection vulnerability which could allow a nefarious actor to redirect users to phishing websites via crafted URLs. You can read about the NIST CVE-2022-28923 for more information. After verifying the reports, we released an update to our proxy in the afternoon of Tuesday March 7th, 2023 to handle any nefarious URL’s with a 404 response. We also invalidated the CDN caches on customer’s production domains to remove any potentially cached redirects.

Suggest edits