Filtered by vendor Igniterealtime
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45967 | 2 Igniterealtime, Pascom | 2 Openfire, Cloud Phone System | 2024-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints. | |||||
| CVE-2019-18394 | 1 Igniterealtime | 1 Openfire | 2020-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. | |||||