MEDIUM
Yaxim
CVE published 2017-02-09
CVE-2017-5589
CVE-2017-5589 is a display-impersonation flaw in yaxim and Bruno for Android. According to the NVD record, an incorrect implementation of XEP-0280: Message Carbons can let a remote attacker make messages appear as if they came from another user, including contacts, which creates a social-engineering risk.