CVE-2016-9126

MEDIUM

Revive Adserver <3.2.3 - XSS

Title source: llm

Description

Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An authenticated user with enough privileges to create other users could exploit the vulnerability to access the administrator account.

References (3)

[Issue Tracking, Patch, Third Party Advisory] https://github.com/revive-adserver/revive-adserver/commit/8d8c6df309ff5fde9dd4770abcd4ec5d2449b3ec

View Patch ZIP pw:eip

[Permissions Required] https://hackerone.com/reports/97073

[Patch, Vendor Advisory] https://www.revive-adserver.com/security/revive-sa-2016-001/

Scores

CVSS v3 5.4

EPSS 0.0026

EPSS Percentile 49.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-79

Status published

Affected Products (2)

revive-adserver/revive_adserver < 3.2.2

n/a/Revive Adserver All versions before 3.2.3 < Revive Adserver All versions before 3.2.3

Timeline

Published Mar 28, 2017

Tracked Since Feb 18, 2026