Enhancement: cves/2019/CVE-2019-18394.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-03 16:15:52 -04:00
parent ab44edd77f
commit 14974ffdf1
1 changed files with 1 additions and 1 deletions

View File

@ -4,7 +4,7 @@ info:
name: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
author: pdteam
severity: critical
description: Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery.
description: Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery.
reference:
- https://swarm.ptsecurity.com/openfire-admin-console/
- https://github.com/igniterealtime/Openfire/pull/1497