CVE-2012-3525
EPSS 2.9%發布日:2012/8/25修改日:2026/4/28
描述
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
受影響套件(1)
- Debian/jabberd2from 0, < 2.2.17-1