FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities

OVERVIEW Fastpath WebChat is vulnerable to Cross Site Scripting. 2. BACKGROUND Fastpath WebChat is part of the Fastpath product. It provides a way for users to begin chatting with support agents using Fastpath. Fastpath is a plugin of OpenFire, a real time collaboration RTC server for instant...

Jive Software Openfire Jabber Server Authentication Bypass (CVE-2008-6508)

Openfire previously known as Wildfire Server is an open source Jabber/XMPP server written in Java. Jabber is an open instant messaging technology that is maintained by the community. Extensible Messaging and Presence Protocol XMPP is an open, XML-inspired protocol originally aimed at...

Jive Software Openfire Jabber Server SQL Injection (CVE-2008-6509)

Openfire previously known as Wildfire Server is an open source Jabber/XMPP server written in Java. Jabber is an open instant messaging technology that is maintained by the community. Extensible Messaging and Presence Protocol XMPP is an open, XML-inspired protocol originally aimed at...

sunForumXSS.txt

Sun, in their amazing patheticness, have again allowed direct HTML to be written into their forum system. URL: http://forum.java.sun.com/forum.jspa?forumID=553 It works on only select forums, but due to severe incompetence from the administrators of the site, this issue will occur quit often. It ...