An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for jappix 1.0.0 to 1.1.6.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-02-09T20:00:00
Updated: 2024-08-05T15:04:15.324Z
Reserved: 2017-01-28T00:00:00
Link: CVE-2017-5602
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-02-09T20:59:00.373
Modified: 2024-11-21T03:27:58.890
Link: CVE-2017-5602
Redhat
No data.