CVE-2020-8143 Information
Description
An Open Redirect vulnerability was discovered in Revive Adserver version 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the “/www/admin/*-modify.php” could be skipped if no meaningful parameter was sent. No action was performed but the user was still redirected to the target page specified via the “returnurl” GET parameter.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
https://hackerone.com/reports/794144 https://www.revive-adserver.com/security/revive-sa-2020-002/ An Open Redirect vulnerability was discovered in Revive Adserver version
5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the “/www/admin/*-modify.php” could be skipped if no meaningful parameter was sent. No action was performed but the user was still redirected to the target page specified via the “returnurl” GET parameter.
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1
Share on: