Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the `banner-acl.php` and `channel-acl.php` scripts of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser and malicious scripts would be executed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Revive Adserver 安全漏洞
Vulnerability Description
Revive Adserver是Revive Adserver团队的一套开源的广告管理系统。该系统提供广告投放、广告位管理、数据统计等功能。 Revive Adserver存在安全漏洞,该漏洞源于banner-acl.php和channel-acl.php脚本容易受到反射型跨站脚本攻击,攻击者可构造包含HTML有效载荷的特定URL,可能导致登录管理员访问时执行恶意脚本。
CVSS Information
N/A
Vulnerability Type
N/A