Unrated severityOSV Advisory· Published Dec 17, 2025· Updated Apr 7, 2026

Revive Adserver 5.4.1 Cross-Site Scripting via Banner Advanced Settings

CVE-2023-53931

Description

Revive Adserver 5.4.1 contains a cross-site scripting vulnerability in the banner advanced configuration page that allows attackers to inject malicious scripts. Attackers can craft a malicious link to the banner-advanced.php endpoint with XSS payloads in prepend and append parameters to execute arbitrary JavaScript when an admin views the page.

Affected products

Revive Adserver/Revive AdserverOSV
Range: v3.0.0, v3.0.1, v3.0.2, …

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/51401mitreexploit
www.vulncheck.com/advisories/revive-adserver-cross-site-scripting-via-banner-advanced-settingsmitrethird-party-advisory
www.revive-adserver.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000