| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-6973 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2
|
09-10-2018 - 19:57 | 16-09-2015 - 19:59 | |
| CVE-2015-7707 | 6.5 |
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
|
01-07-2017 - 01:29 | 05-10-2015 - 15:59 | |
| CVE-2015-6972 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the (2) urlName par
|
01-07-2017 - 01:29 | 16-09-2015 - 19:59 |