Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.2.2, and possibly other versions prior to 2.3.0 Beta 2, allows remote malicious users to inject arbitrary web script or HTML via the username parameter, a different vulnerability than CVE-2005-4877.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ignite realtime openfire 2.2.2 |