EPSS
Percentile
86.8%
JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.
bugzilla.redhat.com/show_bug.cgi?id=1468566