Revive Adserver Reflected Cross-Site Scripting Vulnerability

Vulnerability

A reflected cross-site scripting vulnerability has been identified in Revive Adserver versions through 6.0.1, including 5.5.2. The issue arises in the account-preferences-plugin.php file, where the value of the 'group' query parameter is reflected into the response without proper sanitization. This lack of input validation and output encoding allows the injection of JavaScript, which is executed in the context of the user's browser.

Impact

Exploitation of this vulnerability allows for the injection of scripts that execute in the context of the victim's browser, potentially leading to typical cross-site scripting abuses such as UI redress, persistence of phishing content, or session manipulation.

Reproduction

To reproduce this vulnerability, navigate to the account-preferences-plugin.php file in the admin directory of Revive Adserver versions through 6.0.1. Append the 'group' query parameter with a script payload, such as a script tag including a JavaScript alert. The injected script will execute, confirming the presence of the reflected cross-site scripting vulnerability.

Remediation

Users are advised to update to the latest version of Revive Adserver, as the vulnerability is fixed in the security release scheduled for November 5, 2025.
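The following PHP snippet is an added illustration, not code from Revive Adserver or from the advisory, of the pattern described in the Vulnerability section and of the two controls a fix for it normally combines: encoding the value on output, and validating it against an allow-list where the parameter selects from a fixed set of options. Only the parameter name 'group' comes from the advisory; the function names, the allow-list values and the HTML context are assumptions made for the example.

```php
<?php
// Added example (not Revive Adserver's code): the general shape of a
// reflected XSS in a query parameter, beside the hardened form.
// Assumed for this example: the function names, the surrounding HTML
// context and the allow-list values. Only the 'group' parameter name
// comes from the advisory.

declare(strict_types=1);

// Vulnerable pattern: the raw query value is concatenated into HTML, so
// any markup it contains is parsed by the browser as markup.
function render_group_heading_vulnerable(array $query): string
{
    $group = $query['group'] ?? '';
    return '<h2>Preferences: ' . $group . '</h2>';
}

// Hardened pattern, part 1: encode on output. htmlspecialchars() with
// ENT_QUOTES and an explicit charset turns <, >, &, " and ' into entities,
// so the value is rendered as text rather than parsed as markup.
function render_group_heading_encoded(array $query): string
{
    $group = $query['group'] ?? '';
    $safe  = htmlspecialchars($group, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<h2>Preferences: ' . $safe . '</h2>';
}

// Hardened pattern, part 2: where the parameter names one of a fixed set of
// plugin groups, validate it against an allow-list before it is used at all
// and reject anything else. The group names below are assumed.
const ALLOWED_GROUPS = ['general', 'delivery', 'reporting'];

function resolve_group(array $query): ?string
{
    $group = $query['group'] ?? null;
    if (!is_string($group) || !in_array($group, ALLOWED_GROUPS, true)) {
        return null; // caller should fall back to a default group or return HTTP 400
    }
    return $group;
}

// Constructed sample request mirroring the advisory's reproduction step:
// a script tag carrying a JavaScript alert in the 'group' parameter.
$sample = ['group' => '<script>alert(1)</script>'];

// The vulnerable renderer passes the tag through unchanged; the encoded
// renderer emits it as harmless entity-escaped text.
echo render_group_heading_vulnerable($sample), PHP_EOL;
echo render_group_heading_encoded($sample), PHP_EOL;

// The allow-list rejects the payload outright and accepts a known group.
var_dump(resolve_group($sample));
var_dump(resolve_group(['group' => 'delivery']));
```

Output encoding is the control that directly prevents the script from executing; the allow-list check is the defence in depth that also keeps unexpected values out of any other sink (logging, redirects, database lookups) the parameter may reach. Running the script from the command line with `php example.php` prints the two renderings side by side, which is a quick way to confirm that the encoding is applied in the intended HTML context.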

Added: Nov 20, 2025, 8:24 PM
Updated: Nov 20, 2025, 10:30 PM

Vulnerability Rating

Custom Algorithm

spread: 5.2
impact: 1.7
exploitability: 7.9
remediation: 7.7
relevance: 1.0
threat: 6.4
urgency: 5.7
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.