Unrated severityNVD Advisory· Published Jan 21, 2021· Updated Aug 3, 2024
CVE-2021-22871
CVE-2021-22871
Description
Revive Adserver before 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Revive Adserver/Revive Adserverdescription
- Range: <5.1.0
Patches
Vulnerability mechanics
References
6- packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2021/Jan/60mitremailing-listx_refsource_FULLDISC
- github.com/revive-adserver/revive-adserver/commit/62a2a0439mitrex_refsource_MISC
- github.com/revive-adserver/revive-adserver/commit/89b88ce26mitrex_refsource_MISC
- hackerone.com/reports/819362mitrex_refsource_MISC
- www.revive-adserver.com/security/revive-sa-2021-001/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.