powered by Jive Software

[XSS]Openfire admin panel

In the admin panel of openfire, if you go to Archiving to start a search for a conversation you will have a url something like this:

http://domain.tld/plugins/monitoring/archive-search.jsp?participant1=any&partici pant2=any&startDate=any&endDate=any&keywords=&submitForm=Search&start&range=&par seRange=

The folowing parameters are vulnerable to Reflected XSS(Cross Site Scripting):

participant1

participant2

startDate

endDate

keywords

Proof of Concept:

You can see in the top right that it is the latest version of openfire.

Thanks

Filed as OF-845