CVE-2017-5831

Name of the Vulnerable Software and Affected Versions Revive Adserver versions prior to 4.0.1

Description The issue concerns a session fixation vulnerability in the forgot password mechanism. This allows remote attackers to hijack web sessions via the session ID when a user sets a new password.

Recommendations For versions prior to 4.0.1, update to version 4.0.1 or later to resolve the issue.