CNNVD-202511-2303 Information
Nov 20, 2025
cve
CNNVD ID
CNNVD-202511-2303
Related CVE
- CNNVD Published: 2025-11-20
Description (Chinese)
Revive Adserver是Revive Adserver团队的一套开源的广告管理系统。该系统提供广告投放、广告位管理、数据统计等功能。 Revive Adserver 6.0.1版本和5.5.2版本及之前版本存在安全漏洞,该漏洞源于缺少JSON Content-Type标头,可能导致存储型跨站脚本攻击。
Description (English)
Revive Adserver is an open-source advertising management system for the Revive Adserver team. The system provides advertising, position management, data statistics, etc. There is a security loophole in Revive Adserver versions 6.0.1 and 5.5.2 and earlier versions, which stems from the lack of JSON Content-Type header, which could result in a storage-type cross-station script attack.
Hazard Level
Critical
Vulnerability Type
其他
Published
2025-11-20
Last Modified
2026-02-24
References
https://hackerone.com/reports/3399809
Patch
https://www.revive-adserver.com/download/
Share on: