Cache-Control Header Missing in Revive Adserver Admin UI Pages

Cache-Control Header Missing in Revive Adserver Admin UI Pages

CVE-2015-7368 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache.

Learn more about our Web App Pen Testing.