CVE-2022-24733

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface wi...

Code injection

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface wi...

CVE-2022-24733

Sylius (open-source eCommerce platform) has a clickjacking vulnerability in versions prior to 1.9.10, 1.10.11, and 1.11.2, where an attacker-controlled page could load the site in an iframe and overlay the interface. Root cause: missing X-Frame-Options header allowing framing. Impact: potential U...

CVE-2022-24733 Improper Restriction of Rendered UI Layers or Frames in Sylius

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface wi...

CVE-2022-24733 Improper Restriction of Rendered UI Layers or Frames in Sylius

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface wi...

CVE-2022-24733 Improper Restriction of Rendered UI Layers or Frames in Sylius

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface wi...

Cockpit has unspecified vulnerabilities

Cockpit is an interactive server management interface. a security vulnerability exists in Cockpit, which stems from another website within the ＜iFrame＞ HTML entry rendering pages from the cockpit server that could be used by malicious websites for clickjacking or similar attacks. No detailed...

Sylius 安全漏洞

Sylius is an open source e-commerce platform based on the Symfony framework from the Polish company Sylius. sylius has a security vulnerability that stems from the possibility that an attacker-controlled page could load the website in an iframe. This would enable a clickjacking attack where an...

CVE-2021-41657

SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack...

CVE-2021-41657

SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack...

Design/Logic Flaw

SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack...

DEBIAN-CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

Code injection

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

UBUNTU-CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

Cockpit 安全漏洞

Cockpit is an interactive server management interface. a security vulnerability exists in Cockpit, which stems from another website within the ＜iFrame＞ HTML entry rendering pages from the cockpit server that could be used by malicious websites for clickjacking or similar attacks. No detailed...

SmartBear CodeCollaborator 输入验证错误漏洞

SmartBear CodeCollaborator is a code review and documentation review tool from SmartBear. It helps development, testing and management teams to work together to produce high-quality code. A security vulnerability exists in SmartBear CodeCollaborator version v6.1.6102, which stems from a problem...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2021-39038)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID: CVE-2021-39038 DESCRIPTION: IBM WebSphere Applicati...