Security Advisory

CVE-2021-22871

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-21 19:15:11

Last updated 2024-08-03 18:51:07

Assigner hackerone

State PUBLISHED

Description

Revive Adserver before 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulnerability.

← Browse all CVEs View on cve.org ↗