• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Openfire 'login.jsp' Cross-Site Scripting Vulnerability

Bugtraq ID:	30696
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Aug 14 2008 12:00AM
Updated:	Aug 27 2008 04:54AM
Credit:	Daniel Henninger
Vulnerable:	Ignite Realtime Openfire 3.5.2 Ignite Realtime Openfire 3.5.1 Ignite Realtime Openfire 3.5 Ignite Realtime Openfire 3.4.5 Ignite Realtime Openfire 3.4.4 Ignite Realtime Openfire 3.4.3 Ignite Realtime Openfire 3.4.2 Ignite Realtime Openfire 3.4.1 Ignite Realtime Openfire 3.4 Ignite Realtime Openfire 3.3.1 Ignite Realtime Openfire 3.3
Not Vulnerable: