Ignite Realtime Openfire server-props.jsp Cross-Site Request Forgery (CVE-2015-6973)
A cross-site request forgery vulnerability has been reported in Openfire's server-props.jsp script. The vulnerability is due to insufficient CSRF protections. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user with administrative privileges to visit a page which...