NuytsTech Security

CVE-2020-24601

by ·

In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability allows an attacker to execute an arbitrary malicious URL via the vulnerable POST parameter searchName", "alias" in the import certificate trusted page

Date published : 2020-09-02

https://cybersecurityworks.com/zerodays/cve-2020-24601-ignite-realtime-openfire.html

https://issues.igniterealtime.org/browse/OF-1963

Tags: