Description
Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.
Remediation
References
https://www.exploit-db.com/exploits/49235
Related Vulnerabilities
CVE-2021-3223 Vulnerability in npm package node-red-dashboard
CVE-2023-49379 Vulnerability in maven package com.jfinal:jfinal
CVE-2019-5413 Vulnerability in maven package org.webjars.npm:morgan
CVE-2022-38900 Vulnerability in maven package org.webjars.npm:decode-uri-component
CVE-2022-48216 Vulnerability in npm package @uniswap/universal-router