anurodhp/VaxProj

Releases768

Frequency3 days 8 hours

Last Release over 5 years ago

Stars2

A fork of Monal for a specific project. Use the real Monal repo for actual Monal.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-26547 ↗	Feb 1, 2021Monday, 1 February 2021, 02:15	9.8 CRITICAL	5 MEDIUM
Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon (XEP-0280) results. This allows a remote attacker (able to send stanzas to a victim) to inject arbitrary messages into the local history, with full control over the sender and receiver displayed to the victim.