GHSA-m6pr-xcrm-4qqp
Suggest an improvement- Source
- https://github.com/advisories/GHSA-m6pr-xcrm-4qqp
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-m6pr-xcrm-4qqp/GHSA-m6pr-xcrm-4qqp.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-m6pr-xcrm-4qqp
- Aliases
- Published
- 2022-05-24T22:01:17Z
- Modified
- 2024-11-29T05:27:05.912722Z
- Summary
- XSS in Ignite Realtime Openfire via isTrustStore
- Details
-
An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.
- Database specific
{ "nvd_published_at": "2020-01-08T17:15:00Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-07-18T23:17:11Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2019-20366
- https://github.com/igniterealtime/Openfire/pull/1561
- https://github.com/igniterealtime/Openfire/commit/fef55d4be50da8f66f468d9e7d822528acb8273d
- https://cybersecurityworks.com/zerodays/cve-2019-20366-openfire.html
- https://github.com/igniterealtime/Openfire
- https://issues.igniterealtime.org/browse/OF-1955
Affected packages
Maven / org.igniterealtime.openfire:parent
Package
- Name
- org.igniterealtime.openfire:parent
- View open source insights on deps.dev
- Purl
- pkg:maven/org.igniterealtime.openfire/parent