Hi Everybody!
I see several users being created daily in my Openfire, some with a generic name or openfiresupport, where they upload a plugin and then stop accessing it, is it some malware? how do i prevent external connection?
I removed the users and they are always recreated.
Sorry to hear about the problems, Paulo.
The root cause of this is CVE-2023-32315, please read the security advisory as soon as you can, it covers the steps you need to take to block this activity:
OMG! 
Tks cybermaggedon!!!
I disabled external access which was rarely used as a stopgap until I managed to update Openfire, Thanks!
