3 matches found
CVE-2020-35199
Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS...
CVE-2020-35199
Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS...
CVE-2020-35199
Openfire 4.6.0 from Ignite Realtime contains a Stored XSS in create-bookmark.jsp with the groupchatJID parameter. Descriptions across sources indicate exploitation could enable credential theft (stored XSS risk). No official patch/version is specified in the provided documents. Some advisories su...