CVE-2017-5605
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Movim 0.8 - 0.10.Enginsight
Vendor | Product | Version |
---|---|---|
movim | movim | 0.8 |
movim | movim | 0.8.1 |
movim | movim | 0.9 |
movim | movim | 0.10 |
Common Weakness Enumeration