CVE-2014-8760

2014-10-25T00:55:00
ID CVE-2014-8760
Type cve
Reporter cve@mitre.org
Modified 2015-09-10T15:56:00

Description

ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.