CVE-2025-55124

NONE EPSS 27.0%
Published Nov 20, 20257mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Nov 20, 2025 7mo ago
Last Modified Jun 17, 2026 2w ago

Description

Improper neutralisation of input in Revive Adserver 6.0.0+ causes a reflected XSS attack in the banner-zone.php script.

Threat Intelligence

EPSS Exploit Probability
27.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
revive-adserverrevive_adserver*≥6.0.0  –  ≤6.0.1

References 1

  • hackerone.com https://hackerone.com/reports/3403727
    ExploitIssue TrackingThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.