RSS   Vulnerabilities for 'Jabberd2'   RSS

2012-08-25
 
CVE-2012-3525

CWE-20
 

 
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.

 


Copyright 2024, cxsecurity.com

 

Back to Top