Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2022/05/26 12:0 a.m.277 views

Tigase XMPP Server Stanza Smuggling

Tigase XMPP server: XMPP stanza smuggling via unescaped qutes Tigase XMPP server suffers from a security vulnerability due to not escaping double quote character when serializing parsed XML. This can be used to "smuggle" or, if you prefer, inject arbitrary attacker-controlled stanza in the XMPP...

7.4AI score
Exploits0
NVD
NVD
added 2012/08/25 4:55 p.m.16 views

CVE-2012-4670

Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a 1 Verify Response or 2 Authorization Response...

6.4CVSS6.6AI score0.01308EPSS
Exploits0References4
Prion
Prion
added 2012/08/25 4:55 p.m.14 views

Server side request forgery (ssrf)

Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a 1 Verify Response or 2 Authorization Response...

6.4CVSS7.1AI score0.01308EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/08/25 4:0 p.m.41 views

CVE-2012-4670

Tigase XMPP Server prior to 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, enabling remote XMPP servers to spoof domains via a Verify Response or an Authorization Response. Affected product: Tigase XMPP Server (versions before 5.1.0). Root cause: missing verif...

6.4CVSS6.8AI score0.01308EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2012/08/25 4:0 p.m.21 views

CVE-2012-4670

Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a 1 Verify Response or 2 Authorization Response...

6.6AI score0.01308EPSS
Exploits0References4
Rows per page
Query Builder