Lucene search
K

107 matches found

Nuclei
Nuclei
added 2 days ago43 views

Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery

Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery. id: CVE-2019-18394 info: name: Ignite Realtime Openfire =4.4.3 to fix this vulnerability. reference: -...

9.8CVSS7.4AI score0.32304EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:19 a.m.5 views

CVE-2019-18394

A Server Side Request Forgery SSRF vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests...

9.8CVSS7AI score0.32304EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.11 views

CVE-2019-20526

Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp password parameter...

6.1CVSS6AI score0.00906EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.9 views

CVE-2019-20366

An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents...

6.1CVSS5.9AI score0.01265EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.48 views

CVE-2019-20525

Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver parameter...

6.1CVSS5.8AI score0.00906EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.10 views

CVE-2019-20365

An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via search to the Users/Group search page...

6.1CVSS6AI score0.01172EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.7 views

CVE-2019-20527

Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp serverURL parameter...

6.1CVSS5.8AI score0.00906EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-10916

Malware in sbrugna...

6.1CVSS6.3AI score0.01411EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-10917

Malware in sbrugna...

6.1CVSS6.3AI score0.01172EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-17321

Malware in sbrugna...

6.1CVSS6.2AI score0.01169EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1879

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00906EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4508

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.01265EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 3:45 p.m.8 views

CVE-2020-35199

Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS...

5.4CVSS6.7AI score0.0061EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:32 p.m.7 views

CVE-2020-35127

Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS...

5.4CVSS6.7AI score0.00566EPSS
Exploits1
OSV
OSV
added 2024/03/26 9:15 p.m.14 views

CVE-2024-25420

An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component...

7.2CVSS7.7AI score0.0165EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2024/03/26 12:0 a.m.10 views

CVE-2024-25421

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOMCACHE component...

7.1AI score0.0165EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/03/26 12:0 a.m.49 views

CVE-2024-25421

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOMCACHE component...

7AI score0.0165EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/03/26 12:0 a.m.37 views

CVE-2024-25420

An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component...

7AI score0.0165EPSS
Exploits2References6
OSV
OSV
added 2024/03/06 11:0 a.m.9 views

BIT-OPENFIRE-2020-24604

A Reflected XSS vulnerability was discovered in Ignite Realtime Openfire version 4.5.1. The XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the GET request "searchName", "searchValue", "searchDescription", "searchDefaultValue","searchPlugin", "searchDescriptio...

6.1CVSS5.9AI score0.01169EPSS
Exploits1References2
OSV
OSV
added 2024/03/06 11:0 a.m.19 views

BIT-OPENFIRE-2020-35127

Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS...

5.4CVSS5.6AI score0.00566EPSS
Exploits1References1
Rows per page
Query Builder