HIGH8.6CVE-2023-32315⚠ KEVAdministration Console authentication bypass in openfire xmppserver >= 3.10.0, < 4.6.8, >= 4.7.0, < 4.7.5
CRITICAL9.8CVE-2021-45967An issue was discovered in Pascom Cloud Phone System before 7.20.x. from 0, < 4.5.0 | >= 4.5.0, <= 4.5.0
MEDIUM6.1In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability allows an attacker to execute an arbitrary malicious URL via the vulner…
>= 4.5.1, <= 4.5.1
MEDIUM6.1Ignite Realtime Openfire 4.5.1 has a reflected Cross-site scripting vulnerability which allows an attacker to execute arbitrary malicious U…
>= 4.5.1, <= 4.5.1
MEDIUM6.1A Reflected XSS vulnerability was discovered in Ignite Realtime Openfire version 4.5.1.
>= 4.5.1, <= 4.5.1
MEDIUM6.1Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.
>= 4.6.0, <= 4.6.0
MEDIUM5.4Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS.
>= 4.6.0, <= 4.6.0
MEDIUM5.4Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS.
>= 4.6.0, <= 4.6.0
MEDIUM5.4Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS.
>= 4.6.0, <= 4.6.0
MEDIUM5.4Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.
>= 4.6.0, <= 4.6.0