CVE-2008-6510
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2008-6510
Status
Candidate
Description
Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Phase
Assigned (23.03.2009)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6510
References
BID :
32189
BUGTRAQ :
20081108 [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)
CONFIRM :
http://www.igniterealtime.org/issues/browse/JM-629
MILW0RM :
7075
MISC :
http://www.andreas-kurtz.de/advisories/AKADV2008-0...
VUPEN :
ADV-2008-3061
XF :
openfire-url-xss(46486)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
