CVE-2020-35200
CVE-2020-35200 affects Ignite Realtime Openfire 4.6.0, specifically the plugin file plugins/clientcontrol/spark-form.jsp, with a Reflective XSS flaw. The connected sources confirm the vulnerability in this exact component and version; exploitation status or in-the-wild details are not provided. M...