Gentoo Linux Security Advisory 201612-50 - Multiple vulnerabilities have been found in Openfire, the worst of which could lead to privilege escalation. Versions less than 4.1.0 are affected.
3c1df0aaa23400fdf285f6cdd7ebc3a5090dc54bebf822e15d09feb645c3e10b
Openfire version 3.10.2 suffers from a cross site request forgery vulnerability.
0e24b5cc34f5f30e0f92cdca09e38caa5c6a3aa1e7231a61f43ed26e5a092d1c