Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2mf9-h6m2-x7w4

Опубликовано: 13 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 5.4

Описание

Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script.

Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script.

Ссылки

EPSS

Процентиль: 46%
0.00236
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2016-9130

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2016-9130

CVSS3: 5.4
nvd
почти 9 лет назад

Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script.

EPSS

Процентиль: 46%
0.00236
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2016-9130

Дефекты

CWE-79