Описание
Improper neutralization of input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes manager accounts to be able to craft XSS attacks to their own advertiser users.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:revive-adserver:revive_adserver:6.0.0:-:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.00018
Низкий
3.5 Low
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
3 месяца назад
Improper neutralization of input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes manager accounts to be able to craft XSS attacks to their own advertiser users.
EPSS
Процентиль: 4%
0.00018
Низкий
3.5 Low
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79