Launchpad.net

Launchpad CVE tracker

CVE 2015-7707

Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.

See the

CVE page on Mitre.org for more details.

References