JVN#04125292: Cybozu Mailwise contains issue in preventing clickjacking attacks

2016-08-16T00:00:00
ID JVN:04125292
Type jvn
Reporter Japan Vulnerability Notes
Modified 2016-08-16T00:00:00

Description

## Description

Cybozu Mailwise contains multiple pages for editing/sending bulk emails. Some of these pages fail to protect against clickjacking attacks.

## Impact

If a user views a malicious page while logged in, the user may be tricked into conducting unintended operations.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Cybozu Mailwise version 5.0.0 through 5.3.2