CVE-2012-4671

psyced < 20120821 - Domain Spoofing via XMPP Server Dialback Response

Title source: llm
STIX 2.1

Description

psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.

References (2)

Core 2
Core References
Various Sources x_refsource_confirm
http://www.psyced.org/files/psyced-20120821.tar.bz2

Scores

EPSS 0.0088
EPSS Percentile 54.7%

Details

CWE
CWE-20
Status published
Products (4)
psyced/psyced 20081120
psyced/psyced 20090323
psyced/psyced 20090617
psyced/psyced < 20111122
Published Aug 25, 2012
Tracked Since Feb 18, 2026