Description
A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user could exploit the refresh parameter of the iFrame invocation tag to perform reflected XSS attacks.
Published: 2026-06-26
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Missing sanitization of user input in the zone-include.php script of Revive Adserver allows a low‑privileged user to supply malicious content through the refresh parameter of an iFrame invocation tag. The input is reflected back without proper output encoding, so an attacker can inject and execute arbitrary JavaScript in the context of the victim’s browser, potentially leading to session hijacking, data theft, or phishing campaigns.

Affected Systems

This vulnerability exists in Revive Adserver 6.0.7 and all earlier releases. The affected product is the Revive Adserver platform provided by Revive.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity. EPSS data is unavailable, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is through the iFrame invocation’s refresh parameter within the web interface, allowing a low‑privileged user to inject malicious payloads. The reflected nature of the XSS makes it straightforward to target user browsers and potentially execute session hijacking or phishing attacks.

Generated by OpenCVE AI on June 26, 2026 at 03:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Revive Adserver to the latest version where zone-include.php sanitizes the refresh parameter.
  • If an upgrade cannot be performed immediately, restrict or remove access to zone-include.php or block the refresh parameter via web server rules.
  • Implement proper output encoding on all user‑supplied data and enforce a Content Security Policy to mitigate any remaining XSS risk.
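As an added illustration (not Revive Adserver's code and not the patched zone-include.php), the PHP below puts the defect class named above next to the two mitigations in the list: strict type validation combined with output encoding, and a Content Security Policy header. The parameter name `refresh` comes from the advisory; the function names, the shape of the generated tag, the sample inputs and the policy string are assumptions made for the example.

```php
<?php
// Added example, not Revive Adserver's code. The "refresh" parameter name is
// from the advisory; the tag shape, function names and policy are assumptions.

declare(strict_types=1);

/**
 * The pattern CWE-79 describes: a query parameter is concatenated into the
 * generated page without encoding, so any markup in the value is reflected
 * back to whoever loads the page. (Assumed tag shape, for illustration only.)
 */
function vulnerable_refresh_tag(array $query): string
{
    $refresh = is_string($query['refresh'] ?? null) ? $query['refresh'] : '';
    return '<meta http-equiv="refresh" content="' . $refresh . '">';
}

/**
 * Hardened handler with two independent layers, so a lapse in one does not
 * expose the page:
 *  1. validate against the expected type: a refresh interval can only be a
 *     non-negative integer, so anything else falls back to a default;
 *  2. encode every value that reaches HTML anyway, with ENT_QUOTES so both
 *     attribute delimiters are neutralised.
 */
function safe_refresh_tag(array $query, int $default = 0, int $max = 86400): string
{
    $raw = $query['refresh'] ?? null;
    // FILTER_VALIDATE_INT rejects "30abc", "1e3", quotes, angle brackets and arrays.
    $refresh = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 0, 'max_range' => $max],
    ]);
    if ($refresh === false) {
        $refresh = $default; // never reflect unexpected input, not even encoded
    }
    $encoded = htmlspecialchars((string) $refresh, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<meta http-equiv="refresh" content="' . $encoded . '">';
}

/**
 * Assumed CSP for the response that embeds the tag: no inline script and no
 * third-party script origins, which blunts a reflected payload that slips
 * past encoding elsewhere. Tune the sources for the real deployment.
 */
function csp_header_value(): string
{
    return "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'";
}

if (PHP_SAPI !== 'cli') {
    header('Content-Security-Policy: ' . csp_header_value());
    header('Content-Type: text/html; charset=UTF-8');
    echo safe_refresh_tag($_GET, 30);
} else {
    // Constructed sample inputs: a normal value, a value that breaks out of the
    // attribute, an array-typed parameter, and a missing parameter.
    $samples = [
        ['refresh' => '30'],
        ['refresh' => '30"><b>reflected</b>'],
        ['refresh' => ['30']],
        [],
    ];
    foreach ($samples as $q) {
        echo 'vulnerable: ', vulnerable_refresh_tag($q), PHP_EOL;
        echo 'hardened:   ', safe_refresh_tag($q, 30), PHP_EOL, PHP_EOL;
    }
}
```

Run from the command line the script prints each sample twice; the vulnerable handler emits the second sample's markup verbatim, while the hardened handler emits `content="30"` for every sample because nothing except a bounded integer ever reaches the attribute. Validation before encoding is the point worth copying: encoding alone would still reflect attacker-chosen text into the page, just harmlessly, whereas a typed parameter that is rejected outright leaves nothing to reflect.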

Advisories

No advisories yet.

References
History

Fri, 26 Jun 2026 05:45:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Revive; Revive adserver

Type: Vendors & Products
Values Removed: (none)
Values Added: Revive; Revive adserver

Fri, 26 Jun 2026 03:45:00 +0000

Type: Title
Values Removed: (none)
Values Added: Reflected XSS via zone‑include.php Refresh Parameter in Revive Adserver 6.0.7 and Earlier

Fri, 26 Jun 2026 01:30:00 +0000

Type: Description
Values Removed: (none)
Values Added: A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user could exploit the refresh parameter of the iFrame invocation tag to perform reflected XSS attacks.

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-79

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_0 {'score': 6.1, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: hackerone

Published:

Updated: 2026-06-26T01:11:14.295Z

Reserved: 2026-06-06T15:00:09.779Z

Link: CVE-2026-50740

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T05:30:17Z

Weaknesses
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')