Description

Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache.

Remediation

References

CVE-2015-7368

Related Vulnerabilities

MySQL CVE-2024-21207 Vulnerability (CVE-2024-21207)

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)

WordPress Plugin YOP Poll Multiple Cross-Site Scripting Vulnerabilities (6.3.0)

Oracle Database Server Other Vulnerability (CVE-2007-0276)

phpMyFAQ Improper Authentication Vulnerability (CVE-2023-0311)

Severity

Low

Classification

CVE-2015-7368 CWE-200

Tags

Missing Update Known Vulnerabilities