CVE-2019-20525 | Ignite Realtime Openfire 4.4.1 setup-datasource-standard.jsp driver cross site scripting
A vulnerability was found in Ignite Realtime Openfire 4.4.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file setup/setup-datasource-standard.jsp. The manipulation of the argument driver as part of Parameter leads to cross site scripting.
This vulnerability is known as CVE-2019-20525. The attack can be launched remotely. There is no exploit available.