Back to all zero days
Multiple Cross-Site Scripting (XSS) in Openfire Product
Ignite Realtime Openfire
4th Feb, 2020
Proof of concept: (POC)
The following vulnerability was tested on Openfire version 4.5.0 Product.
Issue 01: Reflected cross-site scripting (POST Request)
Figure 01: System Properties page