๐ CVE-2021-32919
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: web.nvd.nist.gov
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another server (when this option is enabled). ...