Lucene search
K

7 matches found

OSV
OSV
added 2026/01/20 9:16 p.m.4 views

CVE-2026-21663

HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php script of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser a...

6.1CVSS5.8AI score0.00163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/20 8:48 p.m.6 views

CVE-2026-21642

HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php and channel-acl.php scripts of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is...

6.1CVSS5.5AI score0.00163EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/20 8:48 p.m.3 views

CVE-2026-21642

HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php and channel-acl.php scripts of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is...

6.1CVSS5.5AI score0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/20 8:48 p.m.3 views

CVE-2026-21663

HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php script of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser a...

6.1CVSS5.5AI score0.00163EPSS
Exploits0References1
CVE
CVE
added 2026/01/20 8:48 p.m.10 views

CVE-2026-21663

CVE-2026-21663 is a reflected XSS vulnerability in Revive Adserver’s banner-acl.php script. An attacker can craft a URL with an HTML payload in a parameter (e.g., cap) that, when visited by a logged-in administrator, causes the payload to execute in the administrator’s browser. Multiple sources (...

6.1CVSS5.5AI score0.00163EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.6 views

PT-2026-3660

HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php script of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser a...

6.1CVSS5.5AI score0.00163EPSS
Exploits0References2
Hacker One
Hacker One
added 2025/12/18 6:43 p.m.14 views

Revive Adserver: Reflected XSS in banner-acl.php and channel-acl.php via executionorder

Vulnerability description not provided...

6.1CVSS6.8AI score0.00163EPSS
Exploits0
Rows per page
Query Builder