CVE-2021-22873
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2021-22873. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability.
Available Exploits
Revive Adserver <5.1.0 - Open Redirect
Revive Adserver before 5.1.0 contains an open redirect vulnerability via the dest, oadest, and ct0 parameters of the lg.php and ck.php delivery scripts. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
References:
- https://hackerone.com/reports/1081406
- https://github.com/revive-adserver/revive-adserver/issues/1068
- http://seclists.org/fulldisclosure/2021/Jan/60
- https://nvd.nist.gov/vuln/detail/CVE-2021-22873
- http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-Scripting-Open-Redirect.html
Related News
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
References
Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022