Description
Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.
Remediation
References
https://discourse.igniterealtime.org/t/openfire-4-6-0-has-reflective-xss-vulnerabilities/89296
Related Vulnerabilities
CVE-2023-29527 Vulnerability in maven package org.xwiki.platform:xwiki-platform-appwithinminutes-ui
CVE-2023-27474 Vulnerability in npm package directus
CVE-2022-41245 Vulnerability in maven package org.jenkins-ci.plugins:ws-execution-manager
CVE-2023-42277 Vulnerability in maven package cn.hutool:hutool-core