|MITM when used without DNSSEC
|Fixed In Release
If not using DNSSEC it is trivial to perform a man in the middle attack a client via DNS spoofing. You can find more discussion in the XMPP Standards Archives.
Removed the code that supported the
_xmppconnect DNS TXT record.