Lucene search
GoogleOSV:GHSA-MFJW-X4Q4-69P9HistoryMay 24, 2022 - 4:59 p.m.
Ignite Realtime Openfire vulnerable to Server Side Request Forgery
2022-05-2416:59:50
Google
osv.dev
6
ignite realtime
openfire
ssrf vulnerability
faviconservlet.java
http get requests
version 4.5.0-beta
EPSS
0.568
Percentile
97.8%
A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. The issue is fixed in version 4.5.0-beta.
Related
veracode
veracode
Server-Side Request Forgery (SSRF)
2019-10-25 02:46:40
cvelist
cvelist
CVE-2019-18394
2019-10-24 10:58:34
CVE-2021-45968
2022-03-18 04:56:37
nuclei
nuclei
Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
2020-08-04 15:24:23
github
github
Ignite Realtime Openfire vulnerable to Server Side Request Forgery
2022-05-24 16:59:50
attackerkb
attackerkb
CVE-2019-18394
2019-10-24 00:00:00
cve
cve
CVE-2019-18394
2019-10-24 11:15:10
CVE-2021-45968
2022-03-18 05:15:07
prion
prion
Server side request forgery (ssrf)
2019-10-24 11:15:00
Server side request forgery (ssrf)
2022-03-18 05:15:00
thn
thn
Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses
2022-03-09 09:48:00
osv
osv
CVE-2019-18394
2019-10-24 11:15:10
nessus
nessus
Openfire SSRF (CVE-2019-18394)
2024-07-19 00:00:00
nvd
nvd
CVE-2019-18394
2019-10-24 11:15:10
CVE-2021-45968
2022-03-18 05:15:07
openvas
openvas
Openfire < 4.4.3 Multiple Vulnerabilities
2020-08-05 00:00:00