CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Igniterealtime: Security Vulnerabilities

CVE-2008-6510

Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter.

CVSS Score

4.3

EPSS Score

0.039

Published

2009-03-23

CVE-2008-6511

Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.

CVSS Score

5.8

EPSS Score

0.015

Published

2009-03-23

CVE-2009-0497

Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter.

CVSS Score

5.0

EPSS Score

0.059

Published

2009-02-10

Page 5

Vulnerabilities

Vulnerable Software

Igniterealtime: Security Vulnerabilities

Products

Pricing

Contact Us