CVE-2021-22873
N/A
N/A
Summary
Revive Adserver before 5.1.0 is vulnerable to open redirects via the dest, oadest, and/or ct0 parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | https://github.com/revive-adserver/revive-adserver | Fixed in 5.1.0 | affected |
Weaknesses
- CWE-601: Open Redirect (CWE-601)
ADP Enrichment
CVE Program Container
Additional References
- https://hackerone.com/reports/1081406
- https://www.revive-adserver.com/security/revive-sa-2021-001/
- https://github.com/revive-adserver/revive-adserver/issues/1068
- http://seclists.org/fulldisclosure/2021/Jan/60
- http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.html
References
- https://hackerone.com/reports/1081406
- https://www.revive-adserver.com/security/revive-sa-2021-001/
- https://github.com/revive-adserver/revive-adserver/issues/1068
- http://seclists.org/fulldisclosure/2021/Jan/60
- http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.