Description
An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via search to the Users/Group search page.
Remediation
References
https://github.com/igniterealtime/Openfire/pull/1561
https://issues.igniterealtime.org/browse/OF-1955
https://cybersecurityworks.com/zerodays/cve-2019-20365-openfire.html
Related Vulnerabilities
CVE-2019-7722 Vulnerability in maven package net.sourceforge.pmd:pmd-core
CVE-2023-31826 Vulnerability in maven package org.skyscreamer:nevado-jms
CVE-2023-40817 Vulnerability in maven package org.opencrx:opencrx-core-models
CVE-2021-21341 Vulnerability in maven package com.thoughtworks.xstream:xstream