CVE-2016-10376
CVE-2016-10376 · LOW Severity
AV:N/AC:M/AU:S/C:P/I:N/A:N
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions.
Learn more about our Cis Benchmark Audit For Server Software.