Description
Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.
Remediation
References
https://www.exploit-db.com/exploits/49235
Related Vulnerabilities
CVE-2022-22965 Vulnerability in maven package org.springframework:spring-webflux
CVE-2022-29770 Vulnerability in maven package com.xuxueli:xxl-job
CVE-2018-20227 Vulnerability in maven package org.eclipse.rdf4j:rdf4j-util
CVE-2022-2191 Vulnerability in maven package org.eclipse.jetty:jetty-server
CVE-2023-22621 Vulnerability in npm package @strapi/plugin-users-permissions