Revive Adserver · CVE-2017-5831
**Name of the Vulnerable Software and Affected Versions**
Revive Adserver versions prior to 4.0.1
**Description**
Revive Adserver contains a session fixation vulnerability in its forgot-password mechanism. A remote attacker can hijack a web session via the session ID when a user sets a new password.
**Recommendations**
For versions prior to 4.0.1, update to version 4.0.1 or later to resolve the issue.
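The following added example is not Revive Adserver's code and does not reproduce its 4.0.1 fix. It models the flaw class from the description with a constructed in-memory session store, and contrasts a password-reset handler that keeps the existing session ID with one that rotates it. The names `SessionStore`, `reset_keep_sid` and `reset_rotate_sid` are hypothetical.

```python
import secrets


class SessionStore:
    """In-memory stand-in for a server-side session table (constructed for this example)."""

    def __init__(self):
        self._sessions = {}

    def open(self, sid=None):
        # Fixation precondition: the server adopts an ID supplied by the client.
        sid = sid or secrets.token_urlsafe(32)
        self._sessions.setdefault(sid, {"user": None})
        return sid

    def bind(self, sid, user):
        self._sessions[sid]["user"] = user

    def user_for(self, sid):
        return self._sessions.get(sid, {}).get("user")

    def rotate(self, old_sid):
        # Move the session data to a fresh random ID; the old ID stops resolving.
        data = self._sessions.pop(old_sid)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = data
        return new_sid


def reset_keep_sid(store, sid, user):
    """Flawed pattern: the reset authenticates the session under its existing ID."""
    store.bind(sid, user)
    return sid


def reset_rotate_sid(store, sid, user):
    """Hardened pattern: issue a new ID at the privilege change, then bind the user."""
    new_sid = store.rotate(sid)
    store.bind(new_sid, user)
    return new_sid


def demo():
    known_sid = "sid-known-before-reset"  # constructed value known before the reset
    out = {}
    for name, handler in (("keep", reset_keep_sid), ("rotate", reset_rotate_sid)):
        store = SessionStore()
        issued = handler(store, store.open(known_sid), "alice")
        out[name] = (store.user_for(known_sid), store.user_for(issued))
    return out
```

`demo()` returns, for each handler, the user reachable through the pre-reset ID and through the ID issued after the reset; with rotation the pre-reset ID resolves to no user.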