EPSS
Percentile
53.7%
xmppserver is vulnerable to cross-site scripting (XSS). An attacker is able to inject and execute arbitrary Javascript in a user’s browser via the security truststore page.
cybersecurityworks.com/zerodays/cve-2020-24604-ignite-realtime-openfire.html
github.com/igniterealtime/Openfire/pull/1577
issues.igniterealtime.org/browse/OF-1963