Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-22889
HistoryMar 25, 2021 - 8:15 p.m.

Cross site scripting

2021-03-2520:15:00
PRIOn knowledge base
www.prio-n.com
4

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

41.9%

Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the statsBreakdown parameter of stats.php (and possibly other scripts) due to single quotes not being escaped. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and pressing a certain key combination to execute injected JavaScript code.

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

41.9%

Related for PRION:CVE-2021-22889