Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CWE-22