Revive-Adserver: >> Revive Adserver >> 5.1.0 Security Vulnerabilities
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `status` parameter of campaign-zone-zones.php. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and execute injected JavaScript code.
CVSS Score
6.1
EPSS Score
0.008
Published
2021-03-25
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `statsBreakdown` parameter of stats.php (and possibly other scripts) due to single quotes not being escaped. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and pressing a certain key combination to execute injected JavaScript code.
CVSS Score
6.1
EPSS Score
0.008
Published
2021-03-25
Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in userlog-index.php via the `period_preset` parameter.
CVSS Score
6.1
EPSS Score
0.008
Published
2021-01-28
Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in stats.php via the `setPerPage` parameter.
CVSS Score
6.1
EPSS Score
0.008
Published
2021-01-28
Page 2