Igniterealtime: >> User Import Export Security Vulnerabilities
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability.
CVSS Score
8.1
EPSS Score
0.004
Published
2018-05-15