An incorrect implementation of βXEP-0280: Message Carbonsβ in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable applicationβs display. This allows for various kinds of social engineering attacks. This CVE is for jappix 1.0.0 to 1.1.6.