FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Prosody -- Remote Information Disclosure

Affected packages
prosody < 0.11.10

Details

VuXML ID 5ef14250-f47c-11eb-8f13-5b4de959822e
Discovery 2021-07-22
Entry 2021-08-03

A Prosody XMPP server advisory reports:

It was discovered that Prosody allows any entity to access the list of admins, members, owners and banned entities of any federated XMPP group chat of which they know the address.

[source]

References

CVE Name CVE-2021-37601
URL https://prosody.im/security/advisory_20210722/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.