Medium severity5.4NVD Advisory· Published Mar 28, 2017· Updated Jun 17, 2026
CVE-2016-9472
CVE-2016-9472
Description
Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer scripts were vulnerable to a reflected XSS attack via the dbHost, dbUser, and possibly other parameters. It has to be noted that the window for such attack vectors to be possible is extremely narrow and it is very unlikely that such an attack could be actually effective.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*range: <=3.2.4
- cpe:2.3:a:revive-adserver:revive_adserver:4.0.0:*:*:*:*:*:*:*
- (no CPE)range: <3.2.5, <4.0.0
Patches
Vulnerability mechanics
References
4- github.com/revive-adserver/revive-adserver/commit/fcf72c8anvdPatchThird Party Advisory
- www.revive-adserver.com/security/revive-sa-2016-002/nvdPatchVendor Advisory
- github.com/revive-adserver/revive-adserver/commit/14ff73f0nvdPermissions RequiredThird Party Advisory
- hackerone.com/reports/170156nvdPermissions Required
News mentions
0No linked articles in our index yet.