[Open Url Redirect Vulnerability On Revive Adserver]

Thanks for the report. It is a known issue, since many years actually. The problem is that the oadest parameter is required for certain functionalities to work, and to this day no solution has been found that allows it while making it safer. I have spent myself numerous hours on it but I couldn't come up with anything good enough.

 

If you have a working solution, we'd be happy to review it and apply it.

 

Why not use CSRF token?