CVE-2020-35199: XSS
First published: Sat Dec 12 2020(Updated: )
Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Igniterealtime Openfire | =4.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of Ignite Realtime Openfire 4.6.0?
The vulnerability ID of Ignite Realtime Openfire 4.6.0 is CVE-2020-35199.
What is the severity rating of CVE-2020-35199?
The severity rating of CVE-2020-35199 is medium, with a severity value of 5.4.
What is the affected software?
The affected software is Ignite Realtime Openfire 4.6.0.
What is the CWE ID of CVE-2020-35199?
The CWE ID of CVE-2020-35199 is CWE-79.
Is there a known exploit for CVE-2020-35199?
Yes, there is a known exploit for CVE-2020-35199. You can find more information at https://www.exploit-db.com/exploits/49233.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/igniterealtime
- canonical/igniterealtime openfire
- version/igniterealtime openfire/4.6.0