CVE-2019-5433 - AskarLabs CVE Database

CVE-2019-5433

Vendor N/A

Product Revive Adserver

Weakness CWE-601 · Open redirect

Published May 6, 2019

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was addressed in version 4.2.0.

Key dates

02Disclosure timeline

May 6, 2019 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-5433 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/601.html

Related vulnerabilities

04Related CVE

CVE-2024-4133 ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.30 - Open Redirect CVE-2022-36029 BigBlueButton Greenlight Open Redirect vulnerability CVE-2025-54681 WordPress Connector for Gravity Forms and Google Sheets Plugin plugin <= 1.2.4 - Open Redirection Vulnerability CVE-2024-54050 Adobe Connect | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601) CVE-2024-46886