CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-22874 – Revive Adserver 5.1.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-22874
Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in userlog-index.php via the `period_preset` parameter. Revive Adserver versiones anteriores a 5.1.1, es susceptible a una vulnerabilidad de tipo XSS reflejado en el archivo userlog-index.php por medio del parámetro "period_preset" Revive Adserver versions 5.1.0 and below suffer from multiple reflective cross site scripting vulnerabilities. • https://github.com/revive-adserver/revive-adserver/commit/e2a67ce8 https://hackerone.com/reports/1083231 https://www.revive-adserver.com/security/revive-sa-2021-002 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-22871 – Revive Adserver 5.0.5 Cross Site Scripting / Open Redirect
https://notcve.org/view.php?id=CVE-2021-22871
Revive Adserver before 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulnerability. Revive Adserver versiones anteriores a 5.1.0, permite a cualquier usuario con una cuenta de administrador almacenar contenido posiblemente malicioso en la propiedad del sitio web URL, que luego es mostrada sin saneamiento en la pantalla de generación de etiquetas affiliate-preview.php, conllevando a una vulnerabilidad de tipo cross-site scripting (XSS ) persistente Revive Adserver versions 5.0.5 and below suffer from persistent and reflective cross site scripting and open redirection vulnerabilities. • http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.html http://seclists.org/fulldisclosure/2021/Jan/60 https://github.com/revive-adserver/revive-adserver/commit/62a2a0439 https://github.com/revive-adserver/revive-adserver/commit/89b88ce26 https://hackerone.com/reports/819362 https://www.revive-adserver.com/security/revive-sa-2021-001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-22872 – Revive Adserver 5.0.5 Cross Site Scripting / Open Redirect
https://notcve.org/view.php?id=CVE-2021-22872
Revive Adserver before 5.1.0 is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the publicly accessible afr.php delivery script. While this issue was previously addressed in modern browsers as CVE-2020-8115, some older browsers (e.g., IE10) that do not automatically URL encode parameters were still vulnerable. Revive Adserver anterior a la versión 5.1.0 es vulnerable a una vulnerabilidad de scripting cruzado (XSS) reflejada a través del script de entrega afr.php de acceso público. Si bien este problema se abordó anteriormente en los navegadores modernos como CVE-2020-8115, algunos navegadores antiguos (por ejemplo, IE10) que no codifican automáticamente los parámetros de la URL seguían siendo vulnerables Revive Adserver versions 5.0.5 and below suffer from persistent and reflective cross site scripting and open redirection vulnerabilities. • http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.html http://seclists.org/fulldisclosure/2021/Jan/60 https://github.com/revive-adserver/revive-adserver/commit/00fdb8d0e https://github.com/revive-adserver/revive-adserver/commit/1dbcf7d50 https://hackerone.com/reports/986365 https://www.revive-adserver.com/security/revive-sa-2021-001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 2CVE-2021-22873 – Revive Adserver 5.0.5 Cross Site Scripting / Open Redirect
https://notcve.org/view.php?id=CVE-2021-22873
Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability. Revive Adserver versiones anteriores a 5.1.0 es vulnerable a redireccionamientos abiertos por medio de los parámetros "dest","oadest" y/o "ct0" de los scripts de entrega de los archivos lg.php y ck.php. Estos redireccionamientos abiertos habían estado disponibles anteriormente por diseño para permitir a unos servidores de anuncios de terceros rastrear tales métricas al entregar anuncios. • https://github.com/K3ysTr0K3R/CVE-2021-22873-EXPLOIT http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.html http://seclists.org/fulldisclosure/2021/Jan/60 https://github.com/revive-adserver/revive-adserver/issues/1068 https://hackerone.com/reports/1081406 https://www.revive-adserver.com/security/revive-sa-2021-001 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-8143
https://notcve.org/view.php?id=CVE-2020-8143
An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the “/www/admin/*-modify.php” could be skipped if no meaningful parameter was sent. No action was performed, but the user was still redirected to the target page, specified via the “returnurl” GET parameter. Se detectó una vulnerabilidad de Redireccionamiento Abierto en Revive Adserver versión anteriores a 5.0.5 y reportada por el usuario hoangn144 de HackerOne. Un atacante remoto podría engañar a usuarios registrados para abrir un enlace específicamente diseñado y redireccionarlos hacia cualquier destino. • https://hackerone.com/reports/794144 https://www.revive-adserver.com/security/revive-sa-2020-002 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •