CVE-2020-35127

Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS...

PT-2020-17290 · Ignite Realtime · Ignite Realtime Openfire

Name of the Vulnerable Software and Affected Versions: Ignite Realtime Openfire version 4.6.0 Description: The issue is related to a Stored XSS in the create-bookmark.jsp file, affecting users. Recommendations: For Ignite Realtime Openfire version 4.6.0, consider restricting access to the...

PT-2020-17288 · Ignite Realtime · Openfire

Name of the Vulnerable Software and Affected Versions: Ignite Realtime Openfire version 4.6.0 Description: The issue is related to a Stored XSS in the create-bookmark.jsp file, specifically with the groupchatJID parameter. This allows for potential malicious script execution. Recommendations: For...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability

Ignite Realtime Openfire is a cross-platform open source Real-Time Collaboration RTC server developed by the Ignite Realtime community in Java and based on XMPP formerly known as Jabber, the Instant Messaging Protocol, which is capable of building efficient instant messaging servers and supportin...

PT-2020-17262 · Ignite Realtime · Openfire

Name of the Vulnerable Software and Affected Versions: Ignite Realtime Openfire version 4.6.0 Description: The issue is related to a Stored XSS in the create-bookmark.jsp file within the bookmarks plugin. Recommendations: For Ignite Realtime Openfire version 4.6.0, consider restricting access to...