Openfire Path Traversal (CVE-2023-32315)

Description

Acunetix determined that it was possible to access Openfire's administrative endpoints without authentication due to the path traversal vulnerability.

Remediation

Upgrade to the latest version of Openfire

References

Administration Console authentication bypass in openfire xmppserver

Related Vulnerabilities

WordPress Plugin Flexible Captcha Security Bypass (4.0)

WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin Security Bypass (1.2.49.0)

Path Traversal in Next.js up to 9.3.1

WordPress Plugin QR Redirector Security Bypass (1.5)

WordPress Plugin Logo Slider and Showcase Security Bypass (1.3.36)

Severity

High

Classification

CVE-2023-32315 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities