CVE-2008-6510

EPSS 5.02% · P90 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-6510

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Igniterealtime Openfire管理终端跨站脚本攻击漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Openfire（前称Wildfire）是IgniteRealtime社区的一款采用Java开发且基于XMPP（前称Jabber，即时通讯协议）的跨平台开源实时协作（RTC）服务器，它能够构建高效率的即时通信服务器，并支持上万并发用户数量。 Openfire服务器中的多个安全漏洞可能允许攻击者在操作系统上执行任意代码，具体取决于特定的运行时环境。 login.jsp的url参数和username参数存在跨站脚本漏洞，攻击者可以操控这些参数指定认证后用户将被转发到的目的地。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-6510

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-6510

Please Login to view more intelligence information

http://www.igniterealtime.org/issues/browse/JM-629x_refsource_CONFIRM
http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txtx_refsource_MISC
https://www.exploit-db.com/exploits/7075exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/32189vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2008/3061vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/46486vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/498162/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2008-6510

Same Patch Batch · n/a · 2009-03-23 · 19 CVEs total

CVE-2009-1046		Linux Kernel控制台选择功能本地拒绝服务漏洞
CVE-2009-1044		Mozilla Firefox _moveToEdgeShift方式远程代码执行漏洞
CVE-2009-1043		Microsoft Internet Explorer安全漏洞
CVE-2009-1042		Apple Safari 未明远程代码执性漏洞
CVE-2009-0733		Little CMS 缓冲区错误漏洞
CVE-2009-0723		Little CMS 输入验证错误漏洞
CVE-2009-0581		GIMP 资源管理错误漏洞
CVE-2008-6505		Apache Struts多个目录遍历漏洞
CVE-2008-6504		Opensymphony XWork ParameterInterceptor类绕过安全限制漏洞
CVE-2008-6508		Igniterealtime Openfire管理终端目录遍历漏洞
CVE-2009-1045		Videolan VLC媒体播放器Web界面input参数远程栈溢出漏洞
CVE-2008-6507		phpBB 未明漏洞
CVE-2008-6506		phpBB Account Re-Activation 权限绕过漏洞
CVE-2009-1047		Drupal多个模块跨站脚本及SQL注入漏洞
CVE-2009-0584		Ghostscript多个输入验证和整数溢出漏洞
CVE-2009-0583		Artifex Software Ghostscript 缓冲区错误漏洞
CVE-2008-6511		igniterealtime Openfire ’login.jsp’输入验证错误漏洞
CVE-2008-6509		Igniterealtime Openfire CallLogDAO SQL注入漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-6510

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2008-6510

I. Basic Information for CVE-2008-6510

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-6510

III. Intelligence Information for CVE-2008-6510

Same Patch Batch · n/a · 2009-03-23 · 19 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2008-6510

Leave a comment