Vulnerabilities

CVE-2019-5433

by Fred · 06/05/2019

A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was addressed in version 4.2.0.

Date published : 2019-05-06

https://hackerone.com/reports/390663

Revive Adserver Security Advisory REVIVE SA-2019-001

Similar

Tags: Cybersecurity Alert