MEDIUM
Poezio
CVE published 2017-02-09
CVE-2017-5591
CVE-2017-5591 describes an XMPP client trust failure in Message Carbons handling. In affected versions, a remote attacker may cause the application to display messages as if they came from another user, including a contact, which can mislead users and support social engineering. The official NVD data ties the issue to SleekXMPP up to 1.3.1, Slixmpp up to 1.2.3, and Poezio 0.8 through 0.10 as bundled with [truncated]