CVE-2021-22873

CVE-2021-22873

Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability.

Source: CVE-2021-22873

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다