Identifier

CVE-2020-24601

Package Slug

maven/org.igniterealtime.openfire/distribution

Vulnerability

Cross-site Scripting

Description

In Ignite Realtime Openfire, a stored cross-site scripting vulnerability allows an attacker to execute an arbitrary malicious URL via the vulnerable POST parameters searchName and alias in the import certificate trusted page.

Affected Versions

Version 4.5.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-09-08

source