CVE-2023-3140

creationtimestamp| type| source ---|---|--- 2023-06-07 14:35:01+00:00| seen| https://t.me/cibsecurity/65033 2025-01-06 21:35:36+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/232 2026-03-25 03:00:10+00:00| seen| https://www.knime.com/security/advisoriesCVE-2026-4649...

CVE-2023-3140

Missing HTTP headers X-Frame-Options, Content-Security-Policy in KNIME Business Hub before 1.4.0 has left users vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a...

CVE-2023-3140

Missing HTTP headers X-Frame-Options, Content-Security-Policy in KNIME Business Hub before 1.4.0 has left users vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a...

CVE-2023-3140

CVE-2023-3140 affects KNIME Business Hub prior to 1.4.0. The root cause is a missing HTTP security header set (X-Frame-Options and Content-Security-Policy), enabling clickjacking where an attacker can embed the app in a malicious page and trick users into actions on the original site. Impact deta...