Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ignite realtime openfire vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-20525
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver parameter.
Igniterealtime Openfire 4.4.1
4.3
CVSSv2
CVE-2019-20526
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp password parameter.
Igniterealtime Openfire 4.4.1
4.3
CVSSv2
CVE-2019-20527
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp serverURL parameter.
Igniterealtime Openfire 4.4.1
4.3
CVSSv2
CVE-2019-20528
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp username parameter.
Igniterealtime Openfire 4.4.1
4.3
CVSSv2
CVE-2019-20363
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via alias to Manage Store Contents.
Igniterealtime Openfire 4.4.4
4.3
CVSSv2
CVE-2019-20365
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via search to the Users/Group search page.
Igniterealtime Openfire 4.4.4
4.3
CVSSv2
CVE-2019-20364
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via cacheName to SystemCacheDetails.jsp.
Igniterealtime Openfire 4.4.4
4.3
CVSSv2
CVE-2019-20366
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.
Igniterealtime Openfire 4.4.4
5
CVSSv2
CVE-2019-18393
PluginServlet.java in Ignite Realtime Openfire up to and including 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.
Igniterealtime Openfire
1 Github repository
7.5
CVSSv2
CVE-2019-18394
A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire up to and including 4.4.2 allows malicious users to send arbitrary HTTP GET requests.
Igniterealtime Openfire
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »