Description
Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test.
Remediation
References
https://github.com/igniterealtime/Openfire/compare/cd0a573...5e5d9e5
https://github.com/igniterealtime/Openfire/pull/1441
Related Vulnerabilities
CVE-2022-29237 Vulnerability in maven package org.opencastproject:opencast-ingest-service-impl
CVE-2021-25946 Vulnerability in npm package nconf-toml
CVE-2022-23620 Vulnerability in maven package org.xwiki.platform:xwiki-platform-skin-skinx
CVE-2019-12406 Vulnerability in maven package org.apache.cxf:cxf-core
CVE-2022-36527 Vulnerability in maven package com.jflyfox:jflyfox_jfinal