Description

Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An authenticated user with enough privileges to create other users could exploit the vulnerability to access the administrator account.

Remediation

References

CVE-2016-9126

Related Vulnerabilities

Python Integer Overflow or Wraparound Vulnerability (CVE-2008-2315)

Oracle Application Server CVE-2009-0989 Vulnerability (CVE-2009-0989)

osCommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2965)

WordPress Plugin Shantz WordPress QOTD Cross-Site Request Forgery (1.2.2)

MySQL CVE-2018-2786 Vulnerability (CVE-2018-2786)

Severity

Medium

Classification

CVE-2016-9126 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

Tags

Missing Update Known Vulnerabilities