Unrated severityNVD Advisory· Published Aug 25, 2012· Updated Apr 29, 2026

CVE-2012-4671

Description

psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.

Affected products

Psyced/Psyced4 versions
cpe:2.3:a:psyced:psyced:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:psyced:psyced:*:*:*:*:*:*:*:*range: <=20111122
- cpe:2.3:a:psyced:psyced:20081120:*:*:*:*:*:*:*
- cpe:2.3:a:psyced:psyced:20090323:*:*:*:*:*:*:*
- cpe:2.3:a:psyced:psyced:20090617:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.psyced.org/files/psyced-20120821.tar.bz2nvd
xmpp.org/resources/security-notices/server-dialback/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000