Synced 18 Jun 2026 05:58 UTC Account
← All products

CVE-2008-6511

MEDIUM severity · CVSS 5.8 · Improper input validation
5.8CVSS MEDIUM

Summary

Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.

Impact & exploitability

Attack vectorNetwork
Attack complexity
Privileges required
User interaction
Confidentiality impactNone
Integrity impact
Availability impact
Exploit probability (EPSS)2%

AV:N/AC:M/Au:N/C:N/I:P/A:P

Affected products we track (1)

Openfire

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Additional information