|
|
Openfire 'user-properties.jsp' Cross-Site Scripting Vulnerability
|
Bugtraq ID:
|
32938
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2009-0496
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jan 08 2009 12:00AM
|
|
Updated:
|
Apr 03 2009 09:46PM
|
|
Credit:
|
Federico Muttis of Core Security Technologies
|
|
Vulnerable:
|
Ignite Realtime Openfire 3.6.2
Ignite Realtime Openfire 3.5.2
Ignite Realtime Openfire 3.5.1
Ignite Realtime Openfire 3.5
Ignite Realtime Openfire 3.4.5
Ignite Realtime Openfire 3.4.4
Ignite Realtime Openfire 3.4.3
Ignite Realtime Openfire 3.4.2
Ignite Realtime Openfire 3.4.1
Ignite Realtime Openfire 3.4
Ignite Realtime Openfire 3.3.1
Ignite Realtime Openfire 3.3
Ignite Realtime Openfire 3.6.0a
Gentoo Linux
|
|
|
|
Not Vulnerable:
|
Ignite Realtime Openfire 3.6.3
|
|
|
