Vulnerabilities

CVE-2025-48986

by Fred · 20/11/2025

Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in attacker to change other users’ email address and potentialy take over their accounts using the forgot password functionality.

More information : https://hackerone.com/reports/3398283

Similar

Tags: Cybersecurity Alert