Openfire 'user-properties.jsp' Cross-Site Scripting Vulnerability

Bugtraq ID: 32938
Class: Input Validation Error
CVE: CVE-2009-0496
Remote: Yes
Local: No
Published: Jan 08 2009 12:00AM
Updated: Apr 03 2009 09:46PM
Credit: Federico Muttis of Core Security Technologies
Vulnerable: Igniterealtime Openfire 3.6.2
Igniterealtime Openfire 3.5.2
Igniterealtime Openfire 3.5.1
Igniterealtime Openfire 3.5
Igniterealtime Openfire 3.4.5
Igniterealtime Openfire 3.4.4
Igniterealtime Openfire 3.4.3
Igniterealtime Openfire 3.4.2
Igniterealtime Openfire 3.4.1
Igniterealtime Openfire 3.4
Igniterealtime Openfire 3.3.1
Igniterealtime Openfire 3.3
Igniterealtime Openfire 3.6.0a
Gentoo Linux
Not Vulnerable: Igniterealtime Openfire 3.6.3


 

Privacy Statement
Copyright 2010, SecurityFocus