powered by Jive Software

XML External Entity Injection

My colleauges at Cisco inc. have discovered an XML External Entity Injection against a plugin of Openfire.How do wish to proceed? Is it prefereable that I simply post the details of the advisory here or should we establish an alernate communication route.

Thank you

Thanks. Emailing security@igniterealtime.org may be the best first step.