CVE-2014-8793
19.12.2014, 15:59
Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php.
| Vendor | Product | Version |
|---|---|---|
| revive-adserver | revive_adserver | 𝑥 ≤ 3.0.5 |
𝑥
= Vulnerable software versions
References