Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-7368 - Vulnerability Database
ReviveAdserver

ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-7368

Low
Reference: CVE-2015-7368
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-7368
Title: ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages which allows local users to obtain sensitive information via the web browser cache.