Количество 2
Количество 2
CVE-2017-5858
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Converse.js (0.8.0 - 1.0.6, 2.0.0 - 2.0.4).
GHSA-w973-2qcc-p78x
User Impersonation in converse.js
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-5858 An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Converse.js (0.8.0 - 1.0.6, 2.0.0 - 2.0.4). | CVSS3: 5.9 | 0% Низкий | почти 9 лет назад |
| GHSA-w973-2qcc-p78x User Impersonation in converse.js | CVSS3: 5.9 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу