Vulnerability Description
Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An authenticated user with enough privileges to create other users could exploit the vulnerability to access the administrator account.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Revive-Adserver | Revive Adserver | <= 3.2.2 |
Related Weaknesses (CWE)
References
- https://github.com/revive-adserver/revive-adserver/commit/8d8c6df309ff5fde9dd477Issue TrackingPatchThird Party Advisory
- https://hackerone.com/reports/97073Permissions Required
- https://www.revive-adserver.com/security/revive-sa-2016-001/PatchVendor Advisory
- https://github.com/revive-adserver/revive-adserver/commit/8d8c6df309ff5fde9dd477Issue TrackingPatchThird Party Advisory
- https://hackerone.com/reports/97073Permissions Required
- https://www.revive-adserver.com/security/revive-sa-2016-001/PatchVendor Advisory
FAQ
What is CVE-2016-9126?
CVE-2016-9126 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An a...
How severe is CVE-2016-9126?
CVE-2016-9126 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-9126?
Check the references section above for vendor advisories and patch information. Affected products include: Revive-Adserver Revive Adserver.