Description
The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token.
Remediation
References
Related Vulnerabilities
PHP Out-of-bounds Read Vulnerability (CVE-2019-11046)
WordPress Plugin Verse-O-Matic Cross-Site Request Forgery (4.1.1)
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-8445)
Drupal Core 7.x Remote Code Execution (7.0 - 7.58)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14830)