CVE-2021-23274 TIBCO API Exchange Gateway Clickjack Vulnerability

The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected syste...

TIBCO Software TIBCO API Exchange Gateway 安全漏洞

TIBCO Software TIBCO API Exchange Gateway is an application from TIBCO Software, Inc. It provides a central access point for managing enterprise APIs and provides an intermediary program between internal and external services, systems and devices. A security vulnerability exists in TIBCO API...

TIBCO Security Advisory: March 23, 2021 - TIBCO API ExchangeGateway

TIBCO API Exchange Gateway Clickjack Vulnerability Original release date: March 23,2021 Last revised: CVE-2021-23274 Source: TIBCO Software Inc. Products Affected TIBCO API Exchange Gateway versions 2.3.3 and below TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric versions 2.3.3 and...

TIBCO Security Advisory: March 23, 2021 - TIBCO API ExchangeGateway

TIBCO API Exchange Gateway Clickjack Vulnerability Original release date: March 23,2021 Last revised: CVE-2021-23274 Source: TIBCO Software Inc. Products Affected TIBCO API Exchange Gateway versions 2.3.3 and below TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric versions 2.3.3 and...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

Design/Logic Flaw

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

CVE-2021-23955

CVE-2021-23955 affects Mozilla Firefox (pre-85) where a pointer-lock state could be transferred between tabs, enabling clickjacking. Technical details in the CVE description and multiple advisories confirm the underlying issue is a state transfer between tabs related to requestPointerLock. Impact...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

SAP Business Objects Business Intelligence Cross-Site Scripting Execution Vulnerability

SAP Business Objects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and deploy...

Security Bulletin: Clickjacking vulnerability identified in IBM Dependency Based Build server web UI

Summary A clickjacking vulnerability has been identified in the IBM Dependency Based Build server web UI. Vulnerability Details Third Party Entry: PSIRT-ADV0022407 DESCRIPTION: Created from Advisory: ADV0022407 CVSS Base score: 5.4 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Affecte...

Mozilla Firefox Clickjacking Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 85. The browser could be confused to transfer the pointer-locked state to another tab, which could be exploited by an attacker to...

SAP BusinessObjects Business Intelligence Platform Clickjacking (2935791)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is affected by a vulnerability. SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably...

CVE-2021-21444

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack...

CVE-2021-21444

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack...

Design/Logic Flaw

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack...

CVE-2021-21444

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack...

CVE-2021-21444

CVE-2021-21444 affects SAP Business Objects BI Platform versions 410, 420, and 430. The vulnerability stems from the response headers containing multiple X-Frame-Options entries, which may not be uniformly respected by all user agents, potentially nullifying the X-Frame-Options header and enablin...

SAP Business Objects BI Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and deploy...