Revive Adserver prior to 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
revive-adserver revive adserver |