Back to all zero days

Multiple Cross-Site Scripting (XSS) in Openfire Product

Affected Vendor

Ignite Realtime Openfire

Status

Fixed

Date

5th Feb, 2020

Medium Severity

Description

A cross-site scripting (XSS) attack can cause arbitrary code (javascript) to run in a user’s browser while the browser is connected to a trusted web site. The application targets your application’s users and not the application itself, but it uses your application as the vehicle for the attack. XSS payload is executed whenever the user views the crafted POST request with XSS Payload in Openfire 4.5.0 Product.

Proof of concept: (POC)

The following vulnerability was tested on Openfire version 4.5.0 Product.

Issue 01: Reflected cross-site scripting

Figure 01: Injected XSS payload '+accesskey='X'+onclick='alert(document.cookie), gets reflected in the browser response.

Issue 02: Reflected cross-site scripting