Security for everyone

CVE-2019-18394 Scanner

Detects 'Server Side Request Forgery (SSRF)' vulnerability in Ignite Realtime Openfire affects v. through 4.4.2.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one


Parent Category

CVE-2019-18394 Scanner Detail

Ignite Realtime Openfire is an open-source real-time collaboration server that is widely used for instant messaging, group chat, ad hoc conferences, and web collaboration. This software is designed to suit various industries such as healthcare, education, and government offices. It’s known for its security and scalability features.

CVE-2019-18394 is a Server Side Request Forgery (SSRF) vulnerability recently detected in in Ignite Realtime Openfire through version 4.4.2. An SSRF flaw occurs when an attacker can manipulate input from the user and utilize that information to perform unauthorized requests to other internal systems. In this case, the vulnerability allows attackers to initiate arbitrary HTTP GET requests.

If exploited, the CVE-2019-18394 vulnerability in Ignite Realtime Openfire could lead to significant problems, including unauthorized data disclosure, DoS attacks, and even full-scale system exploitation. The attacker can send arbitrary HTTP GET requests to other systems, including APIs, confidential data sources, and even databases with the same privileges as the Openfire server. This can be used to extract sensitive data from the system, trigger DoS attacks, and even overrun the system entirely.

In conclusion,, with its professional features, provides a comprehensive report of vulnerabilities found in an organization's digital assets. This article has brought to light the recent vulnerability in Ignite Realtime Openfire, which can cause significant damage if not addressed. With the help of, it is easy to stay updated on the current security trends and protect against vulnerabilities in your digital assets.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture