Special Element Injection Vulnerability in Revive Adserver by Revive
CVE-2016-9471

3.1LOW

Key Information:

Vendor

Revive-adserver

Status
Revive Adserver All Versions Before 3.2.5 And 4.0.0
Vendor
CVE Published:
28 March 2017

What is CVE-2016-9471?

Revive Adserver prior to version 3.2.5 and 4.0.0 is susceptible to a Special Element Injection vulnerability where user inputs, specifically usernames, are not adequately sanitized during user creation. This oversight permits the presence of seemingly identical usernames due to the lack of filter on control characters, which are typically ignored in HTML display. Consequently, this could lead to user spoofing, although the exploit requires elevated privileges to create users in the system.

Affected Version(s)

Revive Adserver All before 3.2.5 and 4.0.0 Revive Adserver All versions before 3.2.5 and 4.0.0

References

https://hackerone.com/reports/128181
x_refsource_MISC
https://github.com/revive-adserver/revive-adserver/commit...
x_refsource_MISC
https://www.revive-adserver.com/security/revive-sa-2016-002/
x_refsource_MISC

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2016-9471 : Special Element Injection Vulnerability in Revive Adserver by Revive