M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isode m-link 14.6 |
||
isode m-link 15.1 |