CVE-2025-66480P2CRITICALCVSS 9.8fixed in 1.4.32026-02-02
CVE-2025-66480 [CRITICAL] CWE-22 CVE-2025-66480: Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical v
Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component related to the file upload functionality found in com.xiaoleilu.loServer.action.UploadFileAction. The application exposes an endpoint (/fs) that handles multipart file uploads but fails to properly sanit
nvd