Описание
XSS in Ignite Realtime Openfire via isTrustStore
An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-20366
- https://github.com/igniterealtime/Openfire/pull/1561
- https://github.com/igniterealtime/Openfire/commit/fef55d4be50da8f66f468d9e7d822528acb8273d
- https://cybersecurityworks.com/zerodays/cve-2019-20366-openfire.html
- https://issues.igniterealtime.org/browse/OF-1955
Пакеты
Наименование
org.igniterealtime.openfire:parent
maven
Затронутые версииВерсия исправления
<= 4.4.4
4.5.0
Связанные уязвимости
CVSS3: 6.1
nvd
около 6 лет назад
An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.