2 matches found
BIT-OPENFIRE-2020-35202
Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS...
PT-2020-17291 · Ignite Realtime · Openfire
Name of the Vulnerable Software and Affected Versions: Ignite Realtime Openfire version 4.6.0 Description: The issue is related to a sql Stored XSS in the db-access.jsp file within the dbaccess plugin. Recommendations: For Ignite Realtime Openfire version 4.6.0, consider restricting access to the...