Revive-adserver » Revive Adserver : Security Vulnerabilities, CVEs, Published In 2015 (Bypass) CVSS score >= 7
The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.75%
Published
2015-10-14
Updated
2018-10-09
Revive Adserver before 3.2.2 allows remote attackers to perform unspecified actions by leveraging an unexpired session after the user has been (1) deleted or (2) unlinked.
Max CVSS
7.5
EPSS Score
0.75%
Published
2015-10-14
Updated
2018-10-09
2 vulnerabilities found