Description
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
Remediation
References
Related Vulnerabilities
Dolibarr Improper Privilege Management Vulnerability (CVE-2020-14201)
MySQL CVE-2020-14861 Vulnerability (CVE-2020-14861)
IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499)
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)
Zenphoto Improper Privilege Management Vulnerability (CVE-2018-0610)