35 matches found

NVD
added 2024/02/10 4:15 a.m. · 20 views

CVE-2023-45698

Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...

CVSS 6.1 · AI score 5.1 · EPSS 0.00318
Exploits: 0 · References: 1
CNNVD
added 2024/02/10 12:0 a.m. · 4 views

HCL Sametime Security Vulnerability

HCL Technologies HCL Sametime is a conferencing solution from HCL Technologies, USA. A security vulnerability exists in HCL Sametime that stems from a lack of clickjacking protection...

CVSS 6.1 · AI score 6.8 · EPSS 0.00318
Exploits: 0 · References: 2
SUSE CVE
added 2023/02/15 3:48 a.m. · 1 views

SUSE CVE-2021-3660

Cockpit and its plugins do not seem to protect themselves against clickjacking. It is possible to render a page from a cockpit server via another website, inside an `<iframe>` HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

CVSS 4.3 · AI score 8.5 · EPSS 0.01218
Exploits: 0 · References: 3
Hacker One
added 2019/12/19 8:2 p.m. · 40 views

Pornhub: Self-XSS to Good-XSS - pornhub.com

The researcher was able to bypass the site-wide clickjacking protection (X-Frame-Options header) in order to fully automate the exploitation of a self-XSS vulnerability, allowing attackers to execute arbitrary JavaScript payloads on the pornhub domain through iframes hosted on a third-party website...

AI score 4.3
Exploits: 0
RedHat Linux
added 2018/07/23 7:28 p.m. · 85 views

Low: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.4 Update 3 security update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

CVSS 6.5 · AI score 6.5 · EPSS 0.0148
Exploits: 0 · References: 4
Prion
added 2018/02/15 1:29 p.m. · 18 views

Code injection

Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 before 5.6.3 (the fixed version for 5.6.x),...

CVSS 4.3 · AI score 4.8 · EPSS 0.01048
Exploits: 0 · References: 2 · Affected Software: 1
Lenovo
added 2017/06/19 12:0 a.m. · 23 views

Intel AMT Clickjacking Vulnerability - Lenovo Support US

No description provided...

AI score 6.6
Exploits: 0
Prion
added 2017/06/14 12:29 p.m. · 20 views

Design/Logic Flaw

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users' web clicks via an attacker's crafted web page...

CVSS 4.3 · AI score 6.4 · EPSS 0.00881
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2017/06/14 12:0 p.m. · 24 views

CVE-2017-5697

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users' web clicks via an attacker's crafted web page...

AI score 6.3 · EPSS 0.00881
Exploits: 0 · References: 1
Positive Technologies
added 2017/06/14 12:0 a.m. · 3 views

PT-2017-16677 · Intel · Intel Amt

Name of the Vulnerable Software and Affected Versions: Intel AMT firmware versions prior to 9.1.40.1000; Intel AMT firmware versions prior to 9.5.60.1952; Intel AMT firmware versions prior to 10.0.50.1004; Intel AMT firmware versions prior to 11.0.0.1205; Intel AMT firmware versions prior to...

CVSS 6.5 · AI score 6.3 · EPSS 0.00881
Exploits: 0 · References: 3
Microsoft KB
added 2013/10/08 12:0 a.m. · 18 views

MS13-084: Description of the security update for Word Online: October 8, 2013

This security update addresses the vulnerabilities by correcting how affected Microsoft software validates data when parsing specially crafted Office files and by changing configuration of SharePoint pages to help provide additional protection against clickjacking attacks. INTRODUCTION Microsoft ha...

AI score 6.8
Exploits: 0
Atlassian
added 2013/09/19 6:17 a.m. · 19 views

Implement clickjacking protection on https://answers.atlassian.com/

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report (http://jira.atlassian.com/browse/CONFCLOUD-46884). We received an external security report from Monendra Sahu that https://answers.atlassian.com/ is vulnerable to...

AI score 1.1
Exploits: 0
OSV
added 2013/08/19 11:55 p.m. · 5 views

CVE-2013-5029

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php...

AI score 6.4
Exploits: 0 · References: 10
Atlassian
added 2011/07/22 4:46 a.m. · 22 views

Enable X-FRAME-Options header to implement clickjacking protection

NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion (http://jira.atlassian.com/browse/JRASERVER-25143). TLDR: Add X-FRAME-Options: SAMEORIGIN to all HTTPS pages server config, and test that nothing breaks. --- Description: Current...

AI score 0.5
Exploits: 0 · Affected Software: 1
Microsoft KB
added 1970/01/01 12:0 a.m. · 38 views

Security update 1970-01-01

...

AI score 7
Exploits: 0