Enhancement: cves/2019/CVE-2019-18394.yaml by mp
MostInterestingBotInTheWorld
parent
ab44edd77f
commit
14974ffdf1
|
|
@ -4,7 +4,7 @@ info:
|
||||||
name: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
|
name: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
|
||||||
author: pdteam
|
author: pdteam
|
||||||
severity: critical
|
severity: critical
|
||||||
description: Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery.
|
description: Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery.
|
||||||
reference:
|
reference:
|
||||||
- https://swarm.ptsecurity.com/openfire-admin-console/
|
- https://swarm.ptsecurity.com/openfire-admin-console/
|
||||||
- https://github.com/igniterealtime/Openfire/pull/1497
|
- https://github.com/igniterealtime/Openfire/pull/1497
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue