Description
Acunetix determined that it was possible to access Openfire's administrative endpoints without authentication due to the path traversal vulnerability.
Remediation
Upgrade to the latest version of Openfire
References
Related Vulnerabilities
WordPress Plugin Floating Cart for WooCommerce Security Bypass (1.2.2)
WordPress Plugin Catch Duplicate Switcher Security Bypass (1.5.2)
WordPress Plugin Package Quantity Discount Security Bypass (1.1.2)
WordPress Plugin YITH WooCommerce Multi-step Checkout Security Bypass (1.7.4)
WordPress Plugin WP Source Control Directory Traversal (3.0.0)