Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
igniterealtime openfire vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-11688
Ignite Realtime Openfire prior to 3.9.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context o...
Igniterealtime Openfire 3.7.1
6.1
CVSSv3
CVE-2019-20364
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via cacheName to SystemCacheDetails.jsp.
Igniterealtime Openfire 4.4.4
6.1
CVSSv3
CVE-2019-20366
An XSS issue exists in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.
Igniterealtime Openfire 4.4.4
6.1
CVSSv3
CVE-2019-20525
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver parameter.
Igniterealtime Openfire 4.4.1
6.1
CVSSv3
CVE-2019-20527
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp serverURL parameter.
Igniterealtime Openfire 4.4.1
8.1
CVSSv3
CVE-2017-2815
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerab...
Igniterealtime User Import Export 2.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4