MEDIUM
Xabber
CVE published 2017-02-09
CVE-2017-5606
CVE-2017-5606 is a medium-severity XMPP client flaw affecting Xabber Android builds listed by NVD as vulnerable when Message Carbons is manually enabled. The issue can let a remote attacker make the app display messages as if they came from another user, including contacts, which creates a social-engineering risk rather than direct code execution or data loss.