CVE-2016-9454

CVE-2016-9454 affects Revive Adserver prior to version 3.2.3, where the banner image URL for external banners could be improperly escaped in most banner-related pages, enabling a persistent XSS via the Revive Adserver user interface. The vulnerability requires a trusted, non-admin account and is ...