Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

MUC topic permits javascript payloads

Description

Kindly reported to Openfire Security Email List by Sven Tantau

Another vector would be the topic of group chats. Same again.. if an admin looks at the group chat list, the payload would be executed.

Environment

None

Activity

Tom Evans 
April 17, 2014 at 5:03 PM

Merged into master from pull request #1.

Fixed

Details

Assignee

Reporter

Components

Fix versions

Affects versions

Priority

Created July 19, 2013 at 6:07 PM
Updated April 17, 2014 at 5:03 PM
Resolved April 17, 2014 at 5:03 PM