Lucene search

K
cvelistCertccCVELIST:CVE-2014-0364
HistoryApr 30, 2014 - 10:00 a.m.

CVE-2014-0364

2014-04-3010:00:00
certcc
www.cve.org

6.2 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%

The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify the from attribute of a roster-query IQ stanza, which allows remote attackers to spoof IQ responses via a crafted attribute.

6.2 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%