| Administrative console of Openfire XMPP server, a web-based application, is found to be vulnerable to a path traversal attack via the setup environment allowing unauthenticated attackers to use the openfire setup environment in an already configured openfire environment to access restricted pages in the openfire admin console reserved for administrative users. |
