Several security-related HTTP Headers were missing (CVE-2023-5648)

In Brocade ASCG before Brocade ASCG v3.0, several security-related HTTP Headers were missing in various Brocade ASCG URL paths, aiding unauthenticated attackers to perform attacks such as Cross-Site Scripting, Clickjacking, Information disclosure, and more...

MGASA-2023-0309 Updated thunderbird packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

MGASA-2023-0308 Updated nss and firefox packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

Updated nss and firefox packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

Updated thunderbird packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

USN-6468-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

USN-6468-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

SAP Enable Now Code Issue Vulnerability

SAP Enable Now is a collaborative content creation, management and sharing platform from SAP. The platform is primarily used for e-learning and training in SAP and non-SAP systems. SAP Enable Now suffers from a code issue vulnerability that stems from an unimplemented X-FRAME-OPTIONS response...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVE-2023-36920

In SAP Enable Now - versions WPBMANAGER 1.0, WPBMANAGERCE 10, WPBMANAGERHANA 10, ENABLENOWCONSUMPDEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information...

CVE-2023-36920

In SAP Enable Now - versions WPBMANAGER 1.0, WPBMANAGERCE 10, WPBMANAGERHANA 10, ENABLENOWCONSUMPDEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information...

Information disclosure

In SAP Enable Now - versions WPBMANAGER 1.0, WPBMANAGERCE 10, WPBMANAGERHANA 10, ENABLENOWCONSUMPDEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information...