pkg:Maven/org.igniterealtime.openfire:xmppserver
6 total CVEsHIGH2MEDIUM3
✅ Check your installed version
All known vulnerabilities
HIGH8.6CVE-2023-32315⚠ KEVAdministration Console authentication bypass in openfire xmppserver >= 3.10.0, < 4.6.8
HIGH7.2CVE-2024-25420Ignite Realtime Openfire privilege escalation vulnerability from 0, < 4.8.1
MEDIUM6.1CVE-2019-20528Ignite Realtime Openfire allows Cross-site Scripting from 0, < 4.4.2
MEDIUM6.1CVE-2019-15488Cross-site Scripting in Ignite Realtime Openfire from 0, < 4.4.1
MEDIUM5.9CVE-2025-59154Openfire has potential identity spoofing issue via unsafe CN parsing from 0, < 5.0.2
—CVE-2024-25421Ignite Realtime Openfire privilege escalation vulnerability from 0, < 4.8.1