Vulnerabilities > Ignite Realtime > Openfire > 3.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-01 | CVE-2007-2975 | Permissions, Privileges, and Access Controls vulnerability in Ignite Realtime Openfire The admin console in Ignite Realtime Openfire 3.3.0 and earlier (formerly Wildfire) does not properly specify a filter mapping in web.xml, which allows remote attackers to gain privileges and execute arbitrary code by accessing functionality that is exposed through DWR, as demonstrated using the downloader. | 7.5 |