Description

In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.

Remediation

References

CVE-2019-12855

Related Vulnerabilities

WordPress Plugin Another WordPress Classifieds Multiple Vulnerabilities (2.2.1)

WordPress Plugin Acunetix Secure WordPress Cross-Site Request Forgery (3.0.2)

WordPress Plugin Better Search SQL Injection (2.2.2)

MySQL CVE-2016-5443 Vulnerability (CVE-2016-5443)

ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127)

Severity

High

Classification

CVE-2019-12855 CWE-295 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Tags

Missing Update Known Vulnerabilities