Uploaded image for project: 'Openfire'
  1. Openfire
  2. OF-942 CVE-2015-6972 CVE-2015-6973 Admin Console Security Improvements
  3. OF-1022

Reflected XSS vulnerability in muc-room-edit-form.jsp params in Admin Console

    XMLWordPrintable

    Details

      Description

      The following parameters in '/muc-room-edit-form.jsp' have been identified as being vulnerable to reflected XSS (Cross Site Scripting):

      • roomconfig_persistentroom
      • roomconfig_roomsecret
      • roomconfig_roomsecret2

      See the attached Burp Suite report for further details.

        Attachments

          Activity

            People

            Assignee:
            dwd Dave Cridland
            Reporter:
            timd Tim Durden
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: