CVE-2014-2746
The CVE-2014-2746 issue affects Tigase before version 5.2.1, where net/IOService.java inadequately restricts processing of compressed XML elements. This allows remote attackers to trigger resource consumption and potential denial of service via a crafted XMPP stream (xmppbomb). The vulnerability ...