2 matches found
CVE-2017-5831
Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1, when setting a new password, allows remote attackers to hijack web sessions via the session ID...
CVE-2017-5831
Revive Adserver is affected by CVE-2017-5831: a session fixation vulnerability in the forgot password flow prior to version 4.0.1. The issue allows an attacker to hijack a user session by targeting the session ID during password reset. Affected software is Revive Adserver (prior to 4.0.1); root c...