CVE-2020-24601
In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability allows an attacker to execute an arbitrary malicious
In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability allows an attacker to execute an arbitrary malicious URL via the vulnerable POST parameter searchName", "alias" in the import certificate trusted page.
MEDIUM · CVSS 6.1
EPSS 0.00615
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0