PT-2020-17288 · Ignite Realtime · Openfire
Name of the Vulnerable Software and Affected Versions: Ignite Realtime Openfire version 4.6.0 Description: The issue is related to a Stored XSS in the create-bookmark.jsp file, specifically with the groupchatJID parameter. This allows for potential malicious script execution. Recommendations: For...