Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.
Code Injection
Revive Adserver
NVD
GitHub
CVSS 3.0
3.1
EPSS
0.3%