CVE-2019-18393

PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability...

CVE-2019-15488

Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test...

Exploit for Path Traversal in Igniterealtime Openfire

It is an exploit module for Openfire, a Jabber/XMPP server. The...

Exploit for Path Traversal in Igniterealtime Openfire

It is an offensive tool for Openfire. This repository contains a...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315 - Ignite Realtime Openfire Path Traversal Vulnera...

Openfire SSRF (CVE-2019-18394)

The version of Openfire installed on the remote host is prior to 4.4.3. It is, therefore, affected by a server side request forgery vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. Note that Nessus has not tested...

FreeBSD : Openfire administration console authentication bypass (9bcff2c4-1779-11ef-b489-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9bcff2c4-1779-11ef-b489-b42e991fc52e advisory. - Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative...

ROS-20240503-12

Vulnerability in administration console of cross-platform real-time collaboration server Openfire is related to a path traversal capability. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

VulnCheck KEV: CVE-2019-18393

PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability...

Privilege Escalation

org.igniterealtime.openfire:xmppserver is vulnerable to Privilege Escalation. The vulnerability is caused due to insufficient validation and management of user privileges within the ROOMCACHE component, which allows unauthorized users to escalate their privileges...

Improper Privilege Management

org.igniterealtime.openfire:xmppserver is vulnerable to Improper Privilege Management. The vulnerability is caused by the lack of proper validation of user privileges when a user account is deleted and subsequently recreated with the same username. This allows an attacker to exploit the system an...

GHSA-6PWG-GG6J-5CRM Ignite Realtime Openfire privilege escalation vulnerability

An issue in Ignite Realtime Openfire v.4.8.0 and before allows a remote attacker to escalate privileges via the ROOMCACHE component...

GHSA-5XVC-RWV8-86P7 Ignite Realtime Openfire privilege escalation vulnerability

An issue in Ignite Realtime Openfire v.4.8.0 and before allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component...

Ignite Realtime Openfire privilege escalation vulnerability

An issue in Ignite Realtime Openfire v.4.8.0 and before allows a remote attacker to escalate privileges via the ROOMCACHE component...

Ignite Realtime Openfire privilege escalation vulnerability

An issue in Ignite Realtime Openfire v.4.8.0 and before allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component...

CVE-2024-25420

An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component...

CVE-2024-25421

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOMCACHE component...

CVE-2024-25420

An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component...

CVE-2024-25421

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOMCACHE component...

Ignite Realtime Openfire 安全漏洞

Ignite Realtime Openfire is Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server . It can build highly efficient instant messaging server , and supports tens of thousand...