Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2020-35200

Disclosure Date: December 12, 2020 (last updated February 22, 2025)
Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-35201

Disclosure Date: December 12, 2020 (last updated February 22, 2025)
Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-35199

Disclosure Date: December 12, 2020 (last updated February 22, 2025)
Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-35202

Disclosure Date: December 12, 2020 (last updated February 22, 2025)
Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-35127

Disclosure Date: December 11, 2020 (last updated February 22, 2025)
Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0