CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5832
https://notcve.org/view.php?id=CVE-2017-5832
Cross-site scripting (XSS) vulnerability in Revive Adserver before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the user's email address. Vulnerabilidad de XSS en Revive Adserver en versiones anteriores a 4.0.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de la dirección de email del usuario. • http://www.openwall.com/lists/oss-security/2017/02/02/3 http://www.securityfocus.com/bid/95875 https://www.revive-adserver.com/security/revive-sa-2017-001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5833
https://notcve.org/view.php?id=CVE-2017-5833
Cross-site scripting (XSS) vulnerability in the invocation code generation for interstitial zones in Revive Adserver before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Vulnerabilidad de XSS en la generación de código de invocación para zonas intersticiales en Revive Adserver en versiones anteriores a 4.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados. • http://www.openwall.com/lists/oss-security/2017/02/02/3 http://www.securityfocus.com/bid/95875 https://www.revive-adserver.com/security/revive-sa-2017-001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •