Gentoo Linux Security Advisory 201612-50 - Multiple vulnerabilities have been found in Openfire, the worst of which could lead to privilege escalation. Versions less than 4.1.0 are affected.
3c1df0aaa23400fdf285f6cdd7ebc3a5090dc54bebf822e15d09feb645c3e10b
Openfire version 3.10.2 suffers from multiple persistent and reflective cross site scripting vulnerabilities.
5e15bc6f2c51349cfedc2d25ff91bba4a25bd06fc746b9b8e10eb08cc281cbbc