CVE-2008-6508
CVE-2008-6508 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. (dot dot) in a URI that matches the Exclude-Strings list, as demonstrated by a /setup/setup-/.. sequence in a URI.
Learn more about our Web Application Penetration Testing UK.