VYPR

PyPI package

sleekxmpp

pkg:pypi/sleekxmpp

Vulnerabilities (1)

  • CVE-2017-5591MedFeb 9, 2017
    affected < 1.3.2fixed 1.3.2

    An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMP