CVE-2020-24604
CVE-2020-24604 describes a reflected XSS in Ignite Realtime Openfire 4.5.1. The vulnerability allows remote attackers to inject arbitrary web script or HTML via GET parameters in the pages server-properties.jsp and security-audit-viewer.jsp (parameters include searchName, searchValue, searchDescr...