An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via cacheName to SystemCacheDetails.jsp.
References
Link | Resource |
---|---|
https://github.com/igniterealtime/Openfire/pull/1561 | Third Party Advisory |
https://issues.igniterealtime.org/browse/OF-1955 | Issue Tracking Vendor Advisory |
https://cybersecurityworks.com/zerodays/cve-2019-20364-openfire.html | Exploit Third Party Advisory |
Configurations
Information
Published : 2020-01-08 09:15
Updated : 2020-11-10 11:40
NVD link : CVE-2019-20364
Mitre link : CVE-2019-20364
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
igniterealtime
- openfire