Georg Lukas

1 exploit Active since Feb 2017
CVE-2017-5589 WRITEUP MEDIUM WRITEUP
yaxim bruno 0.8.6-0.8.8 - Remote User Impersonation via XEP-0280 Message Carbons
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for yaxim and Bruno (0.8.6 - 0.8.8; Android).
CVSS 5.9