CNNVD-202601-3172 Information

CNNVD ID

CNNVD-202601-3172

Related CVE

CVE-2026-21641

• CNNVD Published: 2026-01-20

Description (Chinese)

Revive Adserver是Revive Adserver团队的一套开源的广告管理系统。该系统提供广告投放、广告位管理、数据统计等功能。 Revive Adserver存在安全漏洞，该漏洞源于tracker-delete.php脚本存在授权绕过，可能导致拥有删除跟踪器权限的用户错误地删除其他账户拥有的跟踪器。

Description (English)

Revive Adserver is an open-source advertising management system for the Revive Adserver team. The system provides advertising, position management, data statistics, etc. Revive Adserver has a security loophole, which stems from the existence of a tracker-delete.php script authorized to circumvent, which may lead users with access to remove trackers from other accounts wrongly.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Revive Adserver

Published

2026-01-20

Last Modified

2026-02-24

References

https://hackerone.com/reports/3445710 https://access.redhat.com/security/cve/cve-2026-21641

Patch

https://www.revive-adserver.com/download/