3 matches found
VulnCheck KEV: CVE-2019-18394
A Server Side Request Forgery SSRF vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests...
Vulnerability of the FaviconServlet.java function in the Openfire XMPP server, allowing attackers to send arbitrary HTTP GET requests
The vulnerability in the FaviconServlet.java function of the Openfire XMPP server is related to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to send arbitrary HTTP GET requests remotely...
Server-Side Request Forgery (SSRF)
xmppserver is vulnerable to server-side request forgery SSRF. The getImage function in FaviconServlet.java allows attackers to send arbitrary HTTP GET requests on behalf of the server...