CVE-2020-24601
CVE-2020-24601 affects Ignite Realtime Openfire 4.5.1. A stored cross-site scripting vulnerability exists where a POST parameter in the import certificate trusted page (searchName, alias) can be used to execute an arbitrary malicious URL. The connected PT-2020-15761 advisory notes there is no inf...