Description
Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.
Remediation
References
https://discourse.igniterealtime.org/t/openfire-4-6-0-has-reflective-xss-vulnerabilities/89296
Related Vulnerabilities
CVE-2010-5312 Vulnerability in npm package jquery-ui
CVE-2022-41932 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2019-10790 Vulnerability in npm package taffy
CVE-2022-25767 Vulnerability in maven package com.bstek.ureport:ureport2-console
CVE-2023-22457 Vulnerability in maven package org.xwiki.contrib:application-ckeditor-ui