Security Advisory

CVE-2009-1595

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-05-11 14:02:00

Last updated 2024-08-07 05:20:34

Assigner mitre

State PUBLISHED

Description

The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Realtime Openfire before 3.6.4 allows remote authenticated users to change the passwords of arbitrary accounts via a modified username element in a passwd_change action.

← Browse all CVEs View on cve.org ↗