CVE-2025-55127

Summary

HackerOne community member Dao Hoang Anh (yoyomiski) has reported an improper neutralization of whitespace in the username when adding new users. A username with leading or trailing whitespace could be virtually indistinguishable from its legitimate counterpart when the username is displayed in the UI, potentially leading to confusion.

Affected Software

VendorProductVersion RangeStatus
ReviveRevive Adserver6 <= 6.0.2affected
ReviveRevive Adserver6.0.3 <= 6.0.3unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References