3800 matches found
CVE-2022-46061
AeroCMS v0.0.1 is vulnerable to ClickJacking...
CVE-2022-46061
CVE-2022-46061 : AeroCMS v0.0.1 is reported vulnerable to ClickJacking. The connected sources identify the affected software/version and classify the impact as low for confidentiality and integrity, with no availability impact; user interaction is required for exploitation, per the CVSS data. No ...
PT-2022-27726 · Aerocms · Aerocms
Name of the Vulnerable Software and Affected Versions: AeroCMS version 0.0.1 Description: The issue concerns ClickJacking, a type of attack where an attacker tricks a user into clicking on a malicious link or button that appears legitimate. No information is provided about the estimated number of...
AeroCMS Security Vulnerability
AeroCMS is a content management system from AeroCMS Inc. in the United States. AeroCMS version v0.0.1 suffers from a security vulnerability that stems from vulnerability to clickjacking attacks...
CVE-2022-3260
The response header has not enabled X-FRAME-OPTIONS, which helps prevent Clickjacking attacks. Some browsers would interpret these results incorrectly, allowing clickjacking attacks...
Hardcoded credentials
The response header has not enabled X-FRAME-OPTIONS, which helps prevent Clickjacking attacks. Some browsers would interpret these results incorrectly, allowing clickjacking attacks...
CVE-2022-3260
The CVE-2022-3260 issue is described across sources as an absence of the X-FRAME-OPTIONS header in responses, which can permit clickjacking attacks. The primary description notes that this header is not enabled and some browsers may misinterpret results, enabling clickjacking. The NVD entry assig...
Red Hat OpenShift Security Vulnerability
Red Hat OpenShift is a Platform-as-a-Service (PaaS) cloud computing platform from Red Hat, Inc. that enables building, testing, deploying, and running applications. A security vulnerability exists in Red Hat OpenShift that stems from its response headers not having X-FRAME-OPTIONS enabled, which...
PT-2022-21400 · Red Hat · Openshift
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue is related to the absence of the X-FRAME-OPTIONS header in response headers, which helps prevent Clickjacking attacks. Without this header, some browsers may interpret the...
Cross-site Scripting in kiwitcms
A stored XSS in a kiwi Test Plan can run malicious JavaScript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page...
GHSA-HF94-8MX5-2VVJ Cross-site Scripting in kiwitcms
A stored XSS in a kiwi Test Plan can run malicious JavaScript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page...
CVE-2022-4105
A stored XSS in a kiwi Test Plan can run malicious JavaScript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page...
Design/Logic Flaw
A stored XSS in a kiwi Test Plan can run malicious JavaScript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page...
CVE-2022-4105 Cross-site Scripting (XSS) - Stored in kiwitcms/kiwi
A stored XSS in a kiwi Test Plan can run malicious JavaScript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page...
PT-2022-25655 · Unknown · Kiwi Test Plan
Name of the Vulnerable Software and Affected Versions: kiwi Test Plan affected versions not specified Description: A stored XSS in a kiwi Test Plan can run malicious javascript, potentially chained with an HTML injection to perform a UI redressing attack, also known as clickjacking, and an HTML...