Openfire 'user-properties.jsp' Cross-Site Scripting Vulnerability

Bugtraq ID: 32938
Class: Input Validation Error
CVE: CVE-2009-0496
Remote: Yes
Local: No
Published: Jan 08 2009 12:00AM
Updated: Apr 03 2009 09:46PM
Credit: Federico Muttis of Core Security Technologies
Vulnerable: Ignite Realtime Openfire 3.6.2
Ignite Realtime Openfire 3.5.2
Ignite Realtime Openfire 3.5.1
Ignite Realtime Openfire 3.5
Ignite Realtime Openfire 3.4.5
Ignite Realtime Openfire 3.4.4
Ignite Realtime Openfire 3.4.3
Ignite Realtime Openfire 3.4.2
Ignite Realtime Openfire 3.4.1
Ignite Realtime Openfire 3.4
Ignite Realtime Openfire 3.3.1
Ignite Realtime Openfire 3.3
Ignite Realtime Openfire 3.6.0a
Gentoo Linux
Not Vulnerable: Ignite Realtime Openfire 3.6.3


 

Privacy Statement
Copyright 2010, SecurityFocus