PT-2019-17665 · Revive Adserver · Revive Adserver

Sumni · Published 2019-05-06 · Updated 2019-10-09 · CVE-2019-5433

CVSS v2.0: 5.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Revive Adserver versions prior to 4.2.0

Description

A phishing attack could be conducted by tricking a user into clicking a specially crafted admin account-switch.php URL, potentially leading to credential theft or other phishing attacks.

Recommendations

For versions prior to 4.2.0, update to version 4.2.0 to resolve the issue. As a temporary workaround, consider restricting access to the account-switch.php page until the update is applied. Avoid clicking on suspicious URLs, especially those that may redirect to unsafe domains.

Exploit

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2019-5433

Affected Products

Revive Adserver