Adobe Connect Multiple Vulnerabilities (APSB17-35)

Adobe Connect is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:connect"; ifdescription...

APSB17-35 Security update available for Adobe Connect

Adobe has released a security update for Adobe Connect. This update resolves a critical Server-Side Request Forgery SSRF vulnerability CVE-2017-11291 that could be abused to bypass network access controls. This update also resolves three input validation vulnerabilities rated Important...

Semrush: Following links are vulnerable to clickjacking

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: The below list...

CVE-2017-11461

NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...

CVE-2017-11461

NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...

Design/Logic Flaw

NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...

CVE-2017-11461

NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...

CVE-2017-11461

CVE-2017-11461 concerns NetApp OnCommand Unified Manager for 7-mode (core package) prior to version 5.2.1. The issue is a UI redress/clickjacking vulnerability that could cause a user to perform an unintended action within the web interface. The affected software is the OnCommand Unified Manager ...

MediaWiki Multiple Vulnerabilities (Aug 2012) - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

MediaWiki Multiple Vulnerabilities (Aug 2012) - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

Khan Academy: Frameset(Frame) html tag is allowed in html editor.(can lead to clickjacking)

Hello Sir/Mam , I was using the html editor in computer programming section , which allowed me to design a webpage. When i use the iframe tag , object tag and embed tag it show me the message that these tags are not allowed for security reasonsmay be cause of clickjacking attack or something but...

IBM Infosphere BigInsights Clickjacking Vulnerability

IBM InfoSphere BigInsights is a suite of software platforms for storing and analyzing "Big Data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data. A security vulnerability exists in IBM Infosphere...

Gratipay: Bypassing X-frame options

bypass X-Frame-Options Proxy protection NOT used DomainUsing: gratipay.com Proxy protection NOT used , i can bypass X-Frame-Options header and recreate clickjacking on the whole domain. I see that you don't have a reverse proxy protection this allows all users to proxy your website rather than...

Design/Logic Flaw

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...

CVE-2012-4379

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...

CVE-2012-4379

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...

CVE-2012-4379

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...

UBUNTU-CVE-2012-4379

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...

DEBIAN-CVE-2012-4379

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...

CVE-2012-4379

MediaWiki versions affected: prior to 1.18.5 and 1.19.x prior to 1.19.2. The issue is that the application does not send a restrictive X-Frame-Options header, enabling clickjacking via an embedded API response in an IFRAME. The provided documents describe the vulnerability without detailing explo...