Description

Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admin interface scripts in order to identify and fix other potential CSRF vulnerabilities. Over 20+ such issues were fixed.

Remediation

References

CVE-2016-9456

Related Vulnerabilities

PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-1552)

WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (3.1.24)

WordPress Plugin WordPress Download Manager Multiple Security Bypass Vulnerabilities (2.6.92)

Drupal Core 8.3.0 Security Bypass (8.3.0)

WordPress Plugin Conditional Marketing Mailer for WooCommerce Cross-Site Request Forgery (1.5.2)

Severity

High

Classification

CVE-2016-9456 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities