3800 matches found

Cvelist
added 2023/11/07 7:12 p.m., 20 views

CVE-2023-4956 Quay: clickjacking on config-editor page severity

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

CVSS 6.5, AI score 6.5, EPSS 0.00479
Exploits 0, References 2
CVE
added 2023/11/07 7:12 p.m., 85 views

CVE-2023-4956

CVE-2023-4956 describes a clickjacking vulnerability in Red Hat Quay, where the config-editor page can be framed to trick an administrator into clicking UI controls, potentially reconfiguring parts of the Quay instance. Affected: Quay (config-editor). Root cause: improper framing protection enabl...

CVSS 6.5, AI score 4.7, EPSS 0.00479
Exploits 0, References 2, Affected Software 1
RedHat Linux
added 2023/11/07 8:48 a.m., 7 views

webkitgtk: Visiting a malicious website may lead to address bar spoofing.

A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...

CVSS 4.3, AI score 5.7, EPSS 0.00578
Exploits 0, References 5
Broadcom
added 2023/11/07 12:00 a.m., 44 views

Several security-related HTTP Headers were missing (CVE-2023-5648)

In Brocade ASCG before Brocade ASCG v3.0, several security-related HTTP Headers were missing in various Brocade ASCG URL paths, aiding unauthenticated attackers to perform attacks such as Cross-Site Scripting, Clickjacking, Information disclosure, and more...

CVSS 6.1, AI score 7
Exploits 0
OSV
added 2023/11/06 11:08 p.m., 7 views

MGASA-2023-0308 Updated nss and firefox packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

CVSS 9.8, AI score 7.7, EPSS 0.01585
Exploits 0, References 5
OSV
added 2023/11/06 11:08 p.m., 5 views

MGASA-2023-0309 Updated thunderbird packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

CVSS 9.8, AI score 7.7, EPSS 0.01585
Exploits 0, References 4
Mageia
added 2023/11/06 11:08 p.m., 44 views

Updated thunderbird packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

CVSS 9.8, AI score 10, EPSS 0.01585
Exploits 0, References 3
Mageia
added 2023/11/06 11:08 p.m., 57 views

Updated nss and firefox packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

CVSS 9.8, AI score 10, EPSS 0.01585
Exploits 0, References 4
OSV
added 2023/11/02 3:30 a.m., 7 views

USN-6468-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS 9.8, AI score 6.5, EPSS 0.01585
Exploits 0, References 7
Ubuntu
added 2023/11/02 3:30 a.m., 76 views

USN-6468-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS 9.8, AI score 7.7, EPSS 0.01585
Exploits 0
CNVD
added 2023/11/01 12:00 a.m., 8 views

SAP Enable Now Code Issue Vulnerability

SAP Enable Now is a collaborative content creation, management and sharing platform from SAP. The platform is primarily used for e-learning and training in SAP and non-SAP systems. SAP Enable Now suffers from a code issue vulnerability that stems from an unimplemented X-FRAME-OPTIONS response...

CVSS 6.1, AI score 6.8, EPSS 0.0031
Exploits 0, References 1
RedHat Linux
added 2023/10/30 5:46 p.m., 3 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:46 p.m., 4 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:45 p.m., 3 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:43 p.m., 3 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:43 p.m., 5 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:42 p.m., 5 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:33 p.m., 3 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:19 p.m., 4 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6
RedHat Linux
added 2023/10/30 5:19 p.m., 3 views

Mozilla: Queued up rendering could have allowed websites to clickjack

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...

CVSS 4.3, AI score 7, EPSS 0.00781
Exploits 0, References 6