Description
Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test.
Remediation
References
https://github.com/igniterealtime/Openfire/compare/cd0a573...5e5d9e5
https://github.com/igniterealtime/Openfire/pull/1441
Related Vulnerabilities
CVE-2021-21697 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2023-3432 Vulnerability in maven package net.sourceforge.plantuml:plantuml
CVE-2020-15232 Vulnerability in maven package org.mapfish.print:print-lib
CVE-2022-42467 Vulnerability in maven package org.apache.isis.core:isis-core-config