CVE-2019-5433
N/A
N/A
Summary
A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was addressed in version 4.2.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Revive Adserver | Fixed version v4.2.0 | affected |
Weaknesses
- CWE-601: Open Redirect (CWE-601)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.