Lucene search
Veracode Vulnerability DatabaseVERACODE:21778HistoryOct 25, 2019 - 2:46 a.m.
Server-Side Request Forgery (SSRF)
2019-10-2502:46:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
EPSS
0.568
Percentile
97.8%
xmppserver is vulnerable to server-side request forgery (SSRF). The getImage function in FaviconServlet.java allows attackers to send arbitrary HTTP GET requests on behalf of the server.
Related
cvelist
cvelist
CVE-2019-18394
2019-10-24 10:58:34
CVE-2021-45968
2022-03-18 04:56:37
nuclei
nuclei
Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
2020-08-04 15:24:23
github
github
Ignite Realtime Openfire vulnerable to Server Side Request Forgery
2022-05-24 16:59:50
attackerkb
attackerkb
CVE-2019-18394
2019-10-24 00:00:00
cve
cve
CVE-2019-18394
2019-10-24 11:15:10
CVE-2021-45968
2022-03-18 05:15:07
prion
prion
Server side request forgery (ssrf)
2019-10-24 11:15:00
Server side request forgery (ssrf)
2022-03-18 05:15:00
thn
thn
Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses
2022-03-09 09:48:00
osv
osv
Ignite Realtime Openfire vulnerable to Server Side Request Forgery
2022-05-24 16:59:50
CVE-2019-18394
2019-10-24 11:15:10
nessus
nessus
Openfire SSRF (CVE-2019-18394)
2024-07-19 00:00:00
nvd
nvd
CVE-2019-18394
2019-10-24 11:15:10
CVE-2021-45968
2022-03-18 05:15:07
openvas
openvas
Openfire < 4.4.3 Multiple Vulnerabilities
2020-08-05 00:00:00