PT-2021-4056 · Prosody +2 · Prosody +2

Name of the Vulnerable Software and Affected Versions: Prosody versions prior to 0.11.9 Description: The issue is related to the undocumented dialback without dialback option in the mod dialback module, which enables an experimental feature for server-to-server authentication. This option does no...

DEBIAN-CVE-2012-3525

s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a 1 Verify Response or 2 Authorization Response...