profanity: user impersonation
| Package(s): | profanity | CVE #(s): | CVE-2017-5592 | ||||
| Created: | February 22, 2017 | Updated: | February 22, 2017 | ||||
| Description: | From the CVE entry:
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for profanity (0.4.7 - 0.5.0). | ||||||
| Alerts: |
| ||||||