Known vulnerabilities in Ignite Realtime Openfire

Known vulnerabilities in Ignite Realtime Openfire

Vendor: Ignite Realtime

Website: https://igniterealtime.org/

Total Security Bulletins: 13

Security bulletins (13)

Secuity bulletin	Severity	Status	Published
SB2025091575: Identity spoofing via X.509 certificate in Openfire	Medium	Patched	15.09.2025
SB2024030427: SQL injection in Openfire	High	Patched	04.03.2024
SB2023052418: Authentication bypass in Openfire	High	Patched Exploited	24.05.2023
SB2020121530: Multiple vulnerabilities in Ignite Realtime Openfire	Low	Patched	15.12.2020
SB2020031834: Multiple vulnerabilities in Openfire	Low	Patched	18.03.2020
SB2020010823: Multiple vulnerabilities in Openfire	Low	Patched	08.01.2020
SB2019101201: Cross-site scripting in Openfire	Low	Patched	12.10.2019
SB2019082313: Reflected cross-site scripting in Openfire	Low	Patched	23.08.2019
SB2018061312: Cross-site scripting in Openfire	Low	Patched	13.06.2018
SB2017102613: Cross-site scripting in Openfire	Low	Patched	26.10.2017
SB2017081807: Spoofing attack in Openfire	Low	Patched	18.08.2017
SB2015100508: Multiple vulnerabilities in Openfire	Medium	Patched Public exploit	05.10.2015
SB2014041101: Denial of service in Openfire	Medium	Patched	11.04.2014