Revive_adserver


reports in last 90 days

8

disclosed resolved issues

0

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Low Open redirect in switch account functionality

Open Redirect sumni Time to triage: 2 Days and 3 hours


Time to close: 224 Days and 0 hours
Resolved

Critical Deserialization of Untrusted Data in www/delivery/adxmlrpc.php

Deserialization of Untrusted Data mbeccati Issue was not triaged


Time to close: 0 Days and 0 hours
Resolved

Critical Deserialization of Untrusted Data in www/delivery/dxmlrpc.php

Deserialization of Untrusted Data mbeccati Issue was not triaged


Time to close: 0 Days and 0 hours
Resolved

High Authentication Bypass by abusing Insecure crypto tokens in /lib/OA/Dal/PasswordRecovery.php:

Improper Authentication - Generic paulos_ Time to triage: 0 Days and 2 hours


Time to close: 9 Days and 16 hours
Resolved

Low Weak Forgot Password implementation

Improper Authentication - Generic pavanw3b Time to triage: 8 Days and 23 hours


Time to close: 63 Days and 22 hours
Resolved

Low Reflected XSS on Zones > Invocation Code

Cross-site Scripting (XSS) - Generic pavanw3b Time to triage: 60 Days and 17 hours


Time to close: 34 Days and 1 hours
Resolved

High Stored XSS on Admin Access Page - Email field

Cross-site Scripting (XSS) - Generic pavanw3b Time to triage: 0 Days and 21 hours


Time to close: 120 Days and 0 hours
Resolved

No rating Reflected XSS in Step 2 of the Installation

Cross-site Scripting (XSS) - Generic pavanw3b Time to triage: 1 Days and 3 hours


Time to close: 9 Days and 2 hours
Resolved