
3797 matches found

Cvelist
added 2022/03/07 9:2 p.m. · 10 views

CVE-2021-41657

SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack...

6.5 AI score · 0.01085 EPSS
Exploits 1 · References 3
CVE
added 2022/03/07 9:2 p.m. · 74 views

CVE-2021-41657

SmartBear CodeCollaborator v6.1.6102 contains a web UI vulnerability that enables clickjacking. The affected component is the CodeCollaborator web UI; the underlying issue is an insecure handling of embedded frames that allows an attacker to render a hidden frame and trick an authenticated user i...

6.1 CVSS · 6.2 AI score · 0.01085 EPSS
Exploits 1 · References 3 · Affected Software 1
Cvelist
added 2022/03/07 1:59 p.m. · 14 views

CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

5 AI score · 0.01218 EPSS
Exploits 0 · References 3
CVE
added 2022/03/07 1:59 p.m. · 196 views

CVE-2021-3660

CVE-2021-3660 relates to Cockpit (and its plugins) not protecting against clickjacking, allowing a cockpit page to be rendered in an iframe on another site. Connected data confirms affected package: cockpit 248-2, with a patched version available. AlmaLinux advisories reference a security fix addressin...

4.3 CVSS · 4.6 AI score · 0.01218 EPSS
Exploits 0 · References 3 · Affected Software 1
Debian CVE
added 2022/03/07 1:59 p.m. · 41 views

CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

4.3 CVSS · 4.8 AI score · 0.01218 EPSS
Exploits 0
IBM Security Bulletins
added 2022/03/07 12:33 p.m. · 18 views

Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to Clickjacking (CVE-2021-39038)

Summary IBM WebSphere Application Server is vulnerable to clickjacking when REST API discovery is configured through the WebSphere administrative console Web Container settings to enable the API Discovery service, or through IBM WebSphere Application Server Liberty features mpOpenAPI-1.0,...

5.4 CVSS · 5.7 AI score · 0.00672 EPSS
Exploits 0 · Affected Software 1
Positive Technologies
added 2022/03/07 12:0 a.m. · 3 views

PT-2022-11454 · Smartbear · Codecollaborator

Name of the Vulnerable Software and Affected Versions: SmartBear CodeCollaborator version 6.1.6102 Description: The issue allows an attacker to conduct a clickjacking attack through the web UI. Recommendations: For version 6.1.6102, update to a newer version that contains a fix for this issue...

6.1 CVSS · 6.3 AI score · 0.01085 EPSS
Exploits 1 · References 4
Tenable Nessus
added 2022/03/03 12:0 a.m. · 31 views

IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.3 Clickjacking (6559044)

The IBM WebSphere Application Server Liberty running on the remote host is 17.0.0.3 prior to 22.0.0.3. It is, therefore, affected by a clickjacking vulnerability. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click...

5.4 CVSS · 5.7 AI score · 0.00672 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2022/03/03 12:0 a.m. · 28 views

IBM WebSphere Application Server 9.x < 9.0.5.12 Clickjacking

The IBM WebSphere Application Server running on the remote host is 9.x prior to 9.0.5.12. It is, therefore, affected by a clickjacking vulnerability. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and...

5.4 CVSS · 5.7 AI score · 0.00672 EPSS
Exploits 0 · References 2
IBM Security Bulletins
added 2022/02/28 9:51 p.m. · 36 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2021-39038)

Summary WebSphere Application Server is shipped with WebSphere Remote Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.4 CVSS · 5.8 AI score · 0.00672 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2022/02/24 4:37 p.m. · 25 views

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are vulnerable to Clickjacking (CVE-2021-39038)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are vulnerable to Clickjacking CVE-2021-39038 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products...

5.4 CVSS · 5.7 AI score · 0.00672 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2022/02/24 4:35 p.m. · 18 views

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are vulnerable to Clickjacking (CVE-2021-39038)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are vulnerable to Clickjacking CVE-2021-39038 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Produc...

5.4 CVSS · 5.8 AI score · 0.00672 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2022/02/22 7:59 p.m. · 18 views

Security Bulletin: Clickjacking vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-4285)

Summary There is a potential clickjacking vulnerability in IBM WebSphere Application Server Liberty Admin Center which affects IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVEID: CVE-2019-4285 DESCRIPTION: IBM WebSphere Application Server - Liberty Admin...

5.4 CVSS · 6.3 AI score · 0.01077 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2022/02/22 7:50 p.m. · 13 views

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Spectrum Control

Summary Multiple security vulnerabilities are fixed in IBM Spectrum Control formerly Tivoli Storage Productivity Center - CVE-2016-5943, CVE-2016-5944, CVE-2016-5945, CVE-2016-5946, CVE-2016-5947 Vulnerability Details CVEID: CVE-2016-5943 DESCRIPTION: IBM Storage Insights SaaS and IBM Spectrum...

6.5 CVSS · 1.1 AI score · 0.01633 EPSS
Exploits 0 · Affected Software 1
Jetbrains
added 2022/02/08 12:0 a.m. · 161 views

JetBrains Security Bulletin Q4 2021

JetBrains Security JetBrains Security Bulletin Q4 2021 Robert Demmer In the fourth quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved. Product | Description | Severity...

9.8 CVSS · 6.8 AI score · 0.03202 EPSS
Exploits 2 · Affected Software 6
CNVD
added 2022/01/25 12:0 a.m. · 14 views

Unspecified vulnerability in DELL EMC AppSync (CNVD-2022-06706)

DELL EMC AppSync is a replication data management software from Dell, Inc. A security vulnerability exists in DELL EMC AppSync due to a clickjacking vulnerability in Dell EMC AppSync versions 3.9 through 4.3. An attacker could use this vulnerability to trick victims into performing a state...

6.9 CVSS · 3.2 AI score · 0.00689 EPSS
Exploits 0 · References 1
OSV
added 2022/01/21 9:15 p.m. · 3 views

CVE-2022-22552

Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations...

6.1 CVSS · 5.8 AI score · 0.00689 EPSS
Exploits 0 · References 1
NVD
added 2022/01/21 9:15 p.m. · 11 views

CVE-2022-22552

Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations...

6.9 CVSS · 0.00689 EPSS
Exploits 0 · References 1
Prion
added 2022/01/21 9:15 p.m. · 9 views

Spoofing

Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations...

5.8 CVSS · 6.2 AI score · 0.00689 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2022/01/21 8:15 p.m. · 17 views

CVE-2022-22552

Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations...

6.9 CVSS · 6.8 AI score · 0.00689 EPSS
Exploits 0 · References 1