3797 matches found
OWOX, Inc.: ClickJacking
Hi there! I have found a clickjacking vulnerability in your website; you should set the frames to fix the issue...
IBM Kenexa LMS on Cloud Clickjacking Vulnerability
IBM Kenexa LMS on Cloud is a full-featured, configurable, enterprise-grade, social Learning Management System (LMS) that integrates social networking, collaboration, and knowledge sharing capabilities. The software provides interactive elements that support users in evaluating learning content and...
IBM InfoSphere Information Server Framework and IBM InfoSphere Information Server on Cloud Clickjacking Vulnerability
IBM InfoSphere Information Server Framework (ISF) and IBM InfoSphere Information Server on Cloud are products of IBM Corporation, USA. The former is a data integration platform framework; the latter is a cloud-based data integration platform. A clickjacking vulnerability exists in IBM...
Yelp: ClickJacking
Hi there, I have found a clickjacking vulnerability in your site in the index home page: https://www.yelp.com/ Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when th...
CVE-2016-3060
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...
CVE-2016-3060
IBM Financial Transaction Manager (FTM) exposes CVE-2016-3060 across multiple components (ACH, Check, CPS). The vulnerability allows remote authenticated attackers to hijack user click actions via a crafted site (clickjacking). Affected versions include FTM CPS v2.1.1.0–v2.1.1.3 and FTM 3.0.0.x u...
CVE-2016-6440
The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. More Information: CSCuz64683 CSCuz64698. Known Affected Releases: 11.01.10000.10, 11.51.10000.6, 11.50.99838.4. Know...
Information disclosure
The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. More Information: CSCuz64683 CSCuz64698. Known Affected Releases: 11.01.10000.10, 11.51.10000.6, 11.50.99838.4. Know...
CVE-2016-6440
CVE-2016-6440 affects Cisco Unified Communications Manager (CUCM). Root cause: lack of input sanitization for iframe data in HTTP requests, enabling an attacker to display data inside an iframe and trigger clickjacking (phishing) without user interaction. Affected releases include CUCM 11.0(1.100...
Atlassian Confluence Server 5.8.x < 5.8.15 Clickjacking
Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability (cisco-sa-20161012-ucm)
The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. Protection mechanisms should be used to prevent this type of attack. Copyright (C) 2016 Greenbone Networks GmbH Some...
Cisco Unified Communications Manager Clickjacking Vulnerability
Cisco Unified Communications Manager (CUCM, Unified CM) is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A clickjacking vulnerability has been...
Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability
The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. Protection mechanisms should be used to prevent this type of attack. The vulnerability is due to a lack of proper...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
CVE-2016-4271: Flash local file system sandbox bypass - vulnerability warning - the black bar safety net
On September 13, 2016, Adobe closed the local file system sandbox. After twenty years in existence, the local file system sandbox has finally been closed by Adobe, so almost all Flash files that use this feature need to be updated. We will specifically explain this change in...
HackerOne: HackerOne Integrations Design Issue
Summary HackerOne Integrations Design Issue Description Include Impact This bug is similar to 170552. The HackerOne Integrations feature is very sensitive and can not be used with just a click, IMHO, or we can say "HackerOne users are a click away from giving to an attacker very sensitive...