6.1

CVE-2021-22873

Exploit

EPSS 78.68%
Veröffentlicht 26.01.2021 18:16:19
Zuletzt bearbeitet 21.11.2024 05:50:48
Quelle support@hackerone.com
CVE-Watchlists
Login
Unerledigt
Login

Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Revive-adserver ≫ Revive Adserver Version < 5.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	78.68%	0.99

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.html

Third Party Advisory

VDB Entry

http://seclists.org/fulldisclosure/2021/Jan/60

Third Party Advisory

Broken Link

Mailing List

https://www.revive-adserver.com/security/revive-sa-2021-001/

Vendor Advisory

https://github.com/revive-adserver/revive-adserver/issues/1068

Third Party Advisory

Issue Tracking

https://hackerone.com/reports/1081406

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2021-22873

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22873

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22873

EUVD