Prosody: >> Prosody >> 0.8.2 Security Vulnerabilities
Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack, related to core/portmanager.lua and util/xmppstream.lua.
CVSS Score
7.8
EPSS Score
0.023
Published
2014-04-11
Page 2