I stumbled on a xss vulnerability i openfire 3.4.5. After looking at the reported bugs and trying to find anything about it in the forum, I have concluded that this is a previously unknown vulnerability. The recommendation I’ve found is to post it in the forum, this just don’t feel right.
Where should i send the information about this?
Do you really want me to post it in the forum?