[jdev] [Security] Spoofing of iq ids and misbehaving servers

Dave Cridland dave at cridland.net
Mon Feb 3 20:55:58 UTC 2014

On Mon, Feb 3, 2014 at 8:43 PM, Thijs Alkemade <me at thijsalkema.de> wrote:

> I've filed tickets today for:
> XMPPFramework: https://github.com/robbiehanson/XMPPFramework/issues/300
> Strophe.js: https://github.com/strophe/strophejs/issues/56
> SleekXMPP: https://github.com/fritzy/SleekXMPP/issues/278
> Miranda-NG: http://trac.miranda-ng.org/ticket/569

It occurs to me that servers, too, may be vulnerable.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20140203/78ead5ef/attachment.html>

More information about the JDev mailing list