Fix h1 report 128181
Special Element Injection
-------------------------

Joel Noguera has reported via HackerOne that usernames were not properly sanitised when creating users on a Revive Adserver instance. In particular, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, because such characters are normally not rendered when an HTML page is displayed in a browser. The issue could therefore have been exploited for user spoofing, although elevated privileges are required to create users within Revive Adserver.

CWE: CWE-75
CVSSv2: 2.1 (AV:N/AC:H/Au:S/C:N/I:P/A:N)
CVSSv3 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
CVSSv3 Base Score: 3.1
CVSSv3 Temporal Score: 2.7
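The following is an added example, not Revive Adserver's own code or the fix from this commit. It shows in Python what the advisory describes: two usernames that differ only by a non-printing code point look identical once displayed, and a validation routine that rejects such names instead of storing them. It goes slightly beyond the reported case by treating Unicode format characters (category Cf, e.g. zero-width space) the same way as control characters (category Cc), since both are invisible in a browser. The function names, the reject-rather-than-strip policy and the `SAMPLE_USERNAMES` list are all assumptions constructed for illustration.

```python
import unicodedata

# Constructed sample user list (not taken from any real Revive Adserver instance).
# The second entry embeds a NUL control character and the third a zero-width
# space; all three render as "admin" in a browser but are distinct strings.
SAMPLE_USERNAMES = ["admin", "ad\x00min", "ad\u200bmin", "operator"]

# Unicode general categories that never produce a visible glyph:
#   Cc = C0/C1 control characters and DEL
#   Cf = format characters (zero-width space/joiner, bidi overrides, ...)
INVISIBLE_CATEGORIES = ("Cc", "Cf")


def invisible_code_points(username: str) -> list:
    """Return the non-printing code points in a username as U+XXXX labels."""
    return [
        f"U+{ord(ch):04X}"
        for ch in username
        if unicodedata.category(ch) in INVISIBLE_CATEGORIES
    ]


def has_control_chars(username: str) -> bool:
    """True if the username contains any control or format character."""
    return bool(invisible_code_points(username))


def displayed_form(username: str) -> str:
    """Approximation of what a browser shows: the invisible code points dropped."""
    return "".join(
        ch for ch in username
        if unicodedata.category(ch) not in INVISIBLE_CATEGORIES
    )


def validate_username(username: str) -> str:
    """Hardened check for user creation (hypothetical policy): the stored name
    must equal the displayed name, so reject rather than silently strip.
    Raises ValueError on an empty name or on any invisible code point."""
    if not username:
        raise ValueError("empty username")
    bad = invisible_code_points(username)
    if bad:
        raise ValueError(
            "username contains non-printing code points: " + ", ".join(bad)
        )
    return username


def find_spoof_collisions(usernames) -> dict:
    """Audit helper for an existing user table: group names by their displayed
    form and return only the groups with more than one member, i.e. the sets of
    accounts an operator could not tell apart on screen."""
    groups = {}
    for name in usernames:
        groups.setdefault(displayed_form(name), []).append(name)
    return {shown: names for shown, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    print("spoofable groups:", find_spoof_collisions(SAMPLE_USERNAMES))
    for name in SAMPLE_USERNAMES:
        try:
            validate_username(name)
            print(repr(name), "accepted")
        except ValueError as err:
            print(repr(name), "rejected:", err)
```

`find_spoof_collisions` is the check to run once against an existing user table after upgrading, since fixing the creation path does not remove look-alike accounts that were created before the fix.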