CVE-2006-7233 Information
Description
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0 and possibly other versions before 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Reference
http://secunia.com/advisories/31483 http://www.igniterealtime.org/issues/browse/JM-430 http://www.igniterealtime.org/issues/browse/JM-629 http://www.osvdb.org/47448 http://www.securityfocus.com/bid/30696 https://exchange.xforce.ibmcloud.com/vulnerabilities/44459 Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0 and possibly other versions before 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Share on: