Closed jcbrand closed 10 years ago
Hi @priyadi
Converse.js < 0.5.2 is insecure because it exposes the Strophe connection object globally. Malicious code can access this object and in the process get sensitive user data.
Regards JC
thanks for the heads up. will upgrade as soon as possible.
latest commit should fixed this. closing.
Hi @priyadi
Converse.js < 0.5.2 is insecure because it exposes the Strophe connection object globally. Malicious code can access this object and in the process get sensitive user data.
Regards JC