CVE-2025-55126

NONE EPSS 7.7%
Published Nov 20, 20257mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Nov 20, 2025 7mo ago
Last Modified Jun 17, 2026 2w ago

Description

HackerOne community member Dang Hung Vi (vidang04) has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-related pages, with campaign names being the vector for the stored XSS

Threat Intelligence

EPSS Exploit Probability
7.7% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
aquaplatformrevive_adserver*≥6.0.0  –  <6.0.3

References 1

  • hackerone.com https://hackerone.com/reports/3411750
    ExploitIssue Tracking

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.