XSS in Revive-adserver Revive_adserver

CVE-2015-7373

Cross-site scripting (XSS) vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (49.2th percentile) — read the EPSS interpretation.