Description
Cross-site scripting (XSS) vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file containing errors.
Remediation
References
Related Vulnerabilities
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Security Bypass (4.21.1)
WordPress Plugin Software License Manager Cross-Site Scripting (4.4.7)
WordPress Plugin Restricted Site Access Unspecified Vulnerability (2.0)
Django Resource Management Errors Vulnerability (CVE-2015-2316)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.9.7)