BETAmodules.com is in beta — open to partnerships & joint ventures.Build with us
modules.com
⌘K

org.igniterealtime.openfire:xmppserver

v4.2.0Maven· Java
The verdict
Has 6 high-severity advisories. Verify a patched version exists before using. Check the OSV link for the fixed-in version.
Check the OSV link for the fixed-in version.
Live from the Maven registry · derived rules, not AI
How it scores
MaintenanceAbandoned
PopularityUnknown
Security6 advisories
LicensePermissive
DepsZero deps
Maintenance
Last published 8 years ago.
Popularity
Download count unavailable.
Security
6 known advisories (worst: high severity).
License
Apache-2.0
Dependencies
No runtime dependencies
Security advisories
Live from OSV.dev · cached 24h
  • HIGH
    Ignite Realtime Openfire privilege escalation vulnerability
    GHSA-5xvc-rwv8-86p7 Fixed in 4.8.1Published 2024-03-26
  • HIGH
    Ignite Realtime Openfire privilege escalation vulnerability
    GHSA-6pwg-gg6j-5crm Fixed in 4.8.1Published 2024-03-26
  • HIGH
    Administration Console authentication bypass in openfire xmppserver
    GHSA-gw42-f939-fhvm Fixed in 4.6.8Published 2023-05-23
  • MEDIUM
    Cross-site Scripting in Ignite Realtime Openfire
    GHSA-5qfv-rr79-chx5 Fixed in 4.4.1Published 2019-08-27
  • MEDIUM
    Openfire has potential identity spoofing issue via unsafe CN parsing
    GHSA-w252-645g-87mp Fixed in 5.0.2Published 2025-09-16
  • MEDIUM
    Ignite Realtime Openfire allows Cross-site Scripting
    GHSA-wx2w-8pqw-vp4g Fixed in 4.4.2Published 2022-05-24
Recent releases
  • 4.2.08 years ago
org.igniterealtime.openfire:xmppserver (Java / Maven Central) · Modules