Session fixation vulnerability in the forgot password mechanism in Revive Adserver prior to 4.0.1, when setting a new password, allows remote malicious users to hijack web sessions via the session ID.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
revive-adserver revive adserver |