Balu_Der_Bär

**Name of the Vulnerable Software and Affected Versions** Dino before 2019-09-10 **Description** The issue is related to insufficient input validation in the /xep/0280 message carbons.vala module of the Dino instant messaging client. This could allow a remote attacker to impact data integrity. The problem lies in the module's failure to properly check the source of a carbons message. **Recommendations** For versions prior to 2019-09-10, as a temporary workaround, consider disabling the module/xep/0280 message carbons.vala until a patch is available. Restrict access to this module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.