{"id":7774,"date":"2019-12-31T20:01:23","date_gmt":"2020-01-01T03:01:23","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&p=7774"},"modified":"2023-02-06T11:43:48","modified_gmt":"2023-02-06T18:43:48","slug":"cve-2019-20364-openfire","status":"publish","type":"zerodays","link":"https:\/\/webdev.securin.xyz\/zerodays\/cve-2019-20364-openfire\/","title":{"rendered":"CVE-2019-20364 – Multiple Reflected Cross-Site Scripting in Openfire Product"},"content":{"rendered":"

A cross-site scripting (XSS) attack can cause arbitrary code (javascript) to run in a user\u2019s browser while the browser is connected to a trusted web site. The application targets your application\u2019s users and not the application itself, but it uses your application as the vehicle for the attack. XSS payload is executed whenever the user submits the crafted POST request with XSS Payload in Openfire 4.4.4 Product.<\/p>\n","protected":false},"featured_media":13580,"parent":0,"menu_order":0,"template":"","vulnerability_categories":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7774"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":3,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7774\/revisions"}],"predecessor-version":[{"id":13688,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7774\/revisions\/13688"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/13580"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=7774"}],"wp:term":[{"taxonomy":"vulnerability_categories","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/vulnerability_categories?post=7774"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}