Default Flash Cross-Domain Policy Vulnerability in Revive Adserver before 3.2.2

CVE-2015-7369 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors.

Learn more about our Cis Benchmark Audit For Server Software.