Ignite Realtime Openfire prior to 4.4.1 has reflected XSS via an LDAP setup test.
igniterealtime openfire