Revive Adserver Reflected Cross-Site Scripting Vulnerability in Banner Zone Management

Vulnerability

A reflected cross-site scripting vulnerability has been identified in Revive Adserver versions 6.0.0 and above. The issue arises in the 'banner-zone.php' script, where user input from the 'website' field in the banner search is not properly sanitized before being displayed. This flaw allows an attacker to inject malicious scripts that are executed in the context of the user's browser.

Impact

Exploitation of this vulnerability allows for the execution of arbitrary JavaScript in the browser of an affected user, specifically an administrator. This could lead to unauthorized actions being performed in the admin's account, session hijacking (if cookies are not set to HttpOnly), and potentially the compromise of the entire site.

Reproduction

To reproduce this vulnerability, log into the admin panel of Revive Adserver version 6.0.0 or later. Navigate to the 'Banners' section and select 'Linked Zones'. In the 'Website' search field, insert a script payload, such as a JavaScript alert wrapped in script tags. The injected script will be executed in the browser, demonstrating the cross-site scripting vulnerability.

Remediation

Users are advised to update to the latest version of Revive Adserver, where this vulnerability has been addressed. The patch is available as part of the upcoming security release.
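The unsafe reflection described in the Vulnerability section beside its fix, plus the HttpOnly cookie flag the Impact section mentions, as an added PHP example. This is not Revive Adserver's own code: the rendering functions, their markup and the input value are constructed for illustration and only assume that the 'website' search value is echoed back into the page.

```php
<?php
// Added example: not Revive Adserver code. It assumes the 'website'
// search value is reflected into the search form and a results heading,
// as the advisory describes for banner-zone.php.

// Vulnerable pattern: user input concatenated straight into HTML.
function renderSearchVulnerable(string $website): string
{
    return '<input type="text" name="website" value="' . $website . '">'
         . "\n<h3>Zones for website: " . $website . '</h3>';
}

// Context-aware HTML encoding. ENT_QUOTES covers both quote styles so the
// value cannot terminate the attribute; ENT_SUBSTITUTE avoids returning an
// empty string on invalid UTF-8, which would otherwise silently drop output.
function escHtml(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hardened pattern: every reflection point passes through the encoder.
function renderSearchHardened(string $website): string
{
    $safe = escHtml($website);
    return '<input type="text" name="website" value="' . $safe . '">'
         . "\n<h3>Zones for website: " . $safe . '</h3>';
}

// Defence in depth for the session-hijacking impact noted in the advisory:
// an HttpOnly session cookie cannot be read by injected script even if an
// encoding step is missed elsewhere. Must be called before session_start().
function hardenSessionCookie(): void
{
    session_set_cookie_params([
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Strict',
    ]);
}

// Constructed input mirroring the advisory's reproduction step.
$input = '<script>alert(1)</script>';
echo "Vulnerable output:\n" . renderSearchVulnerable($input) . "\n\n";
echo "Hardened output:\n" . renderSearchHardened($input) . "\n";
```

In the hardened output the angle brackets arrive as `&lt;` and `&gt;`, so the browser renders the text instead of executing it.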

Added: Nov 20, 2025, 8:17 PM
Updated: Nov 20, 2025, 10:25 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 1.7
exploitability: 7.9
remediation: 0.0
relevance: 1.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.