5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
51.1%
Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1, when setting a new password, allows remote attackers to hijack web sessions via the session ID.
www.openwall.com/lists/oss-security/2017/02/02/3
www.securityfocus.com/bid/95875
www.revive-adserver.com/security/revive-sa-2017-001/