3 matches found
Gentoo Security Advisory GLSA 200904-01 (openfire)
The remote host is missing updates announced in advisory GLSA 200904-01. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
CVE-2009-0496
Multiple cross-site scripting XSS vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 log parameter to a logviewer.jsp and b log.jsp; 2 search parameter to c group-summary.jsp; 3 username parameter to d user-properties.jsp; 4...
CVE-2009-0496
Openfire (Ignite Realtime) versions prior to 3.6.3 are affected by multiple input-validation vulnerabilities (CVE-2009-0496 among others) in several .jsp pages, which could allow remote attackers to inject XSS and potentially upload a malicious plugin to achieve arbitrary code execution. The Gent...