Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
igniterealtime openfire vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-35199
Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS.
Igniterealtime Openfire 4.6.0
4.3
CVSSv2
CVE-2020-35200
Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.
Igniterealtime Openfire 4.6.0
6.5
CVSSv2
CVE-2015-7707
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
Igniterealtime Openfire 3.10.2
1 EDB exploit
4.3
CVSSv2
CVE-2018-11688
Ignite Realtime Openfire prior to 3.9.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context o...
Igniterealtime Openfire 3.7.1
5
CVSSv2
CVE-2009-0497
Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote malicious users to read arbitrary files via a ..\ (dot dot backslash) in the log parameter.
Igniterealtime Openfire 3.6.2
1 EDB exploit
6.8
CVSSv2
CVE-2015-6973
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote malicious users to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafte...
Igniterealtime Openfire 3.10.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-20363
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via alias to Manage Store Contents.
Igniterealtime Openfire 4.4.4
4.3
CVSSv2
CVE-2019-20366
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.
Igniterealtime Openfire 4.4.4
3.5
CVSSv2
CVE-2020-35127
Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS.
Igniterealtime Openfire 4.6.0
3.5
CVSSv2
CVE-2020-35201
Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS.
Igniterealtime Openfire 4.6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »