Description
Cross-site scripting (XSS) vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Affiliate Disclosure Security Bypass (1.1.3)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3092)
WordPress Plugin AllWebMenus WordPress Menu 'actions.php' Arbitrary File Upload (1.1.8)
WordPress Plugin Google Forms Server-Side Request Forgery (0.91)
WordPress Plugin Social Photo Gallery Remote Code Execution (1.0)