Description
Cross-site scripting (XSS) vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file containing errors.
Remediation
References
Related Vulnerabilities
Lighttpd Other Vulnerability (CVE-2007-3948)
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912)
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
Oracle Database Server CVE-2011-0804 Vulnerability (CVE-2011-0804)