Description
The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Testimonials Cross-Site Scripting (1.36.1)
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25689)
Internet Information Services Other Vulnerability (CVE-2000-0778)
WordPress Plugin SP Rental Manager SQL Injection (1.5.3)
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21654)