Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ignite vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-20528
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp username parameter.
Igniterealtime Openfire 4.4.1
383
VMScore
CVE-2019-20363
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via alias to Manage Store Contents.
Igniterealtime Openfire 4.4.4
383
VMScore
CVE-2019-20364
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via cacheName to SystemCacheDetails.jsp.
Igniterealtime Openfire 4.4.4
383
VMScore
CVE-2019-20366
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.
Igniterealtime Openfire 4.4.4
383
VMScore
CVE-2019-20365
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via search to the Users/Group search page.
Igniterealtime Openfire 4.4.4
445
VMScore
CVE-2019-18393
PluginServlet.java in Ignite Realtime Openfire up to and including 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.
Igniterealtime Openfire
1 Github repository
670
VMScore
CVE-2019-18394
A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire up to and including 4.4.2 allows malicious users to send arbitrary HTTP GET requests.
Igniterealtime Openfire
383
VMScore
CVE-2019-15488
Ignite Realtime Openfire prior to 4.4.1 has reflected XSS via an LDAP setup test.
Igniterealtime Openfire
445
VMScore
CVE-2019-4337
IBM Robotic Process Automation with Automation Anywhere 11 could allow an malicious user to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412.
Ibm Robotic Process Automation With Automation Anywhere
383
VMScore
CVE-2018-11688
Ignite Realtime Openfire prior to 3.9.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context o...
Igniterealtime Openfire 3.7.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »