3797 matches found
Design/Logic Flaw
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management CLM 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager RQM 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4;...
CVE-2015-1928
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management CLM 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager RQM 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4;...
CVE-2015-1928
CVE-2015-1928 affects the IBM Jazz-based CLM ecosystem (Jazz Team Server and multiple CLM apps such as RRC, RDNG, RELM, RTC, RQM, Rhapsody DM, RSA DM, etc.). The connected IBM bulletin confirms that a remote attacker can exploit it via a crafted website to hijack the victim’s click actions (clickjacking). Af...
CVE-2015-2918
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...
Code injection
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...
CVE-2015-2918
The CVE concerns the OrientDB Studio web management interface in the OrientDB Server Community Edition. Affected versions are before 2.0.15 and before 2.1.1 (2.1.x line). The root cause is that Studio does not properly restrict use of FRAME elements, allowing remote attackers to perform clickjack...
Cloudflare: Clickjacking : https://partners.cloudflare.com/
Hey, the title of the submission defines the issue very clearly, which is clickjacking at https://partners.cloudflare.com/; this subdomain is missing x frame headers. As this subdomain contains a partner login, it is dangerous to have this type of issue. You understand better what I mean; attached a...
DZOIC ClipHouse 11.1 SQL Injection / Clickjacking
| Title : DZOIC ClipHouse v11.1 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by DZOIC ClipHouse | Tested on: windows 8.1 Français V.Pro | Download : http://www.dl.persianscript.ir/script/DZOIC-ClipHousev11.1PersianScript.ir.zip...
Imgur: Attack User Privacy Settings - X-Frame-Options missing on m.imgur.com/user/username/settings
Hello, I would like to report that almost the entire mobile web site is vulnerable to clickjacking attacks. Maybe the most important critical part is the /settings node, as an attacker could force a user to change his privacy settings with only two clicks. Please see the live video demonstration; of course...
Cisco Firepower 9000 Series Switches clickjacking vulnerability
No description provided by source...
Vulnerability in the WildFly application server and the JBoss Enterprise Application Platform that allows attackers to carry out clickjacking attacks
The vulnerability in the Management Console component of the WildFly Java application server and the related JBoss Enterprise Application Platform is related to security configuration errors. Exploiting this vulnerability allows a malicious actor, operating remotely, to carry out...
Cross site scripting
The Management Console in BlackBerry Enterprise Server BES 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue...
CVE-2015-4112
The Management Console in BlackBerry Enterprise Server BES 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue...
CVE-2015-4112
CVE-2015-4112 affects the BlackBerry Enterprise Server (BES) Management Console. The issue arises because the console does not properly restrict the use of FRAME elements, enabling remote attackers to perform clickjacking via a crafted website (cross-frame scripting). Affects BES 12 before 12.2; ...
CVE-2015-6374
The web interface in Cisco Firepower Extensible Operating System 1.11.160 on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID...
Design/Logic Flaw
The web interface in Cisco Firepower Extensible Operating System 1.11.160 on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID...