Description
Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.
Remediation
References
https://www.exploit-db.com/exploits/49235
Related Vulnerabilities
CVE-2021-42697 Vulnerability in maven package com.typesafe.akka:akka-http-core_2.12
CVE-2016-10533 Vulnerability in npm package express-restify-mongoose
CVE-2022-22965 Vulnerability in maven package org.springframework:spring-webflux
CVE-2022-40151 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2018-6561 Vulnerability in maven package org.webjars.bowergithub.dojo:dijit