Revive Adserver XSS

Published on
10 Jan 2022
Vulnerability

Description

A reflected XSS vulnerability has been detected in Revive Adserver 5.0.3’s publicly accessible afr.php delivery script. As of v3.2.2, the session identifier is kept in a http-only cookie and cannot be retrieved. On older versions, however, it may be possible to steal the session identifier and gain access to the admin interface under certain circumstances. In a JavaScript context, the query string provided to the www/delivery/afr.php script was printed back without sufficient escaping, allowing an attacker to execute arbitrary JS code on the victim’s browser.

Recommendation

  • Update Revive Adserver to the latest version
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment