Description
Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php.
Remediation
References
Related Vulnerabilities
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-19126)
WordPress Plugin MukioPlayer SQL Injection (1.6)
WordPress Plugin Drug Search Cross-Site Scripting (1.0.0)
WordPress Plugin Google Captcha (reCAPTCHA) by BestWebSoft Security Bypass (1.12)
DataTables Prototype Pollution Vulnerability (CVE-2020-28458)