In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability allows an malicious user to execute an arbitrary malicious URL via the vulnerable POST parameter searchName", "alias" in the import certificate trusted page
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
igniterealtime openfire 4.5.1 |