CVE-2016-9457

Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly others.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*

Information

Published : 2017-03-27 19:59

Updated : 2017-03-29 18:59


NVD link : CVE-2016-9457

Mitre link : CVE-2016-9457


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

revive-adserver

  • revive_adserver