CVE-2023-32315

Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users. Vendor/Product: Ignite Realtime Openfire. Added to CISA KEV 2023-08-24; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.