The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticated users to cause a denial of service (infinite loop) via a stanza with a publish tag that lacks a node attribute.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-02-18T00:00:00Z

Updated: 2024-08-07T00:01:51.574Z

Reserved: 2011-11-04T00:00:00Z

Link: CVE-2011-4320

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-02-18T00:55:02.150

Modified: 2024-11-21T01:32:13.907

Link: CVE-2011-4320

cve-icon Redhat

No data.