EPSS
Percentile
29.3%
Openfire Core XMPP Server is vulnerable to cross-site scripting (XSS). The attack is possible because it does not sanitize the parameters in LDAP setup test, allowing an attacker to inject arbitrary script through it.
github.com/igniterealtime/Openfire/compare/cd0a573...5e5d9e5
github.com/igniterealtime/Openfire/pull/1441