Lucene search
HistorySep 17, 2023 - 5:15 a.m.
CVE-2023-38040
cve-2023-38040
reflected xss
vulnerability
revive adserver
nvd
security
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.1%
A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions…
Affected configurations
Node
revive-adserverrevive_adserverRange≤5.4.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| revive-adserver:revive_adserver | revive-adserver revive adserver | le | 5.4.1 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"vendor": "Revive",
"product": "Revive Adserver",
"versions": [
{
"version": "5.4.1",
"status": "affected",
"lessThanOrEqual": "5.4.1",
"versionType": "semver"
}
]
}
]References
Related
nvd
nvd
CVE-2023-38040
2023-09-17 05:15:10
hackerone
hackerone
prion
prion
Cross site scripting
2023-09-17 05:15:00
cvelist
cvelist
CVE-2023-38040
2023-09-17 04:41:38
osv
osv
CVE-2023-38040
2023-09-17 05:15:10
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.1%
Related for CVE-2023-38040