| Bug | Description |
|---|
| TEMP-0000000-F4C8D1 | ejabberd HTML code injection |
| CVE-2014-8760 | ejabberd before 2.1.13 does not enforce the starttls_required setting ... |
| CVE-2013-6169 | The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) we ... |
| CVE-2011-4320 | The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alp ... |
| CVE-2011-1753 | expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and ... |
| CVE-2010-0305 | ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to c ... |
| CVE-2009-0934 | Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allo ... |
| CVE-2007-0903 | Unspecified vulnerability in the mod_roster_odbc module in ejabberd be ... |
| CVE-2006-2221 | A third-party installer generation tool, possibly BitRock InstallBuild ... |