3800 matches found

OSV
added 2021/08/23 1:15 p.m. · 0 views

UBUNTU-CVE-2021-3731

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targeted user to execute unintended actions...

CVSS 5.9 · AI score 6.2 · EPSS 0.01106
Exploits: 0 · References: 6

CVE
added 2021/08/23 12:42 p.m. · 64 views

CVE-2021-3731

CVE-2021-3731 affects LedgerSMB with clickjacking risk where an attacker could trick a user into performing unintended actions via wrapping. Connected advisories corroborate cross-site scripting/clickjacking exposure and related input handling weaknesses across multiple distros (Debian, Ubuntu); ...

CVSS 5.9 · AI score 5.9 · EPSS 0.01106
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2021/08/23 12:42 p.m. · 18 views

CVE-2021-3731 Improper Restriction of Rendered UI Layers or Frames in ledgersmb/ledgersmb

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targeted user to execute unintended actions...

CVSS 5.9 · AI score 7.6 · EPSS 0.01106
Exploits: 0 · References: 3

Debian CVE
added 2021/08/23 12:42 p.m. · 19 views

CVE-2021-3731

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targeted user to execute unintended actions...

CVSS 5.9 · AI score 5.2 · EPSS 0.01106
Exploits: 0

Huntr
added 2021/08/23 8:16 a.m. · 10 views

in erikdubbelboer/phpredisadmin

✍️ Description It can be possible to perform a clickjacking attack due to the lack of frame restrictions. The application does not set the response header X-Frame-Options: DENY. 🕵️‍♂️ Proof of Concept 💥 Impact According to PortSwigger references, it is possible for a page controlled by an attacker...

AI score 1.3
Exploits: 0 · References: 1

CNNVD
added 2021/08/23 12:0 a.m. · 3 views

LedgerSMB Security Vulnerability

LedgerSMB is a free web-based double-entry bookkeeping system with quoting, ordering, invoicing, projects, time cards, inventory management, shipping, and more. LedgerSMB suffers from a security vulnerability that stems from the application not being adequately protected from being wrapped around...

CVSS 5.9 · AI score 5.5 · EPSS 0.01106
Exploits: 0 · References: 7

Positive Technologies
added 2021/08/23 12:0 a.m. · 3 views

PT-2021-21605 · Ledgersmb +2 · Ledgersmb +2

Name of the Vulnerable Software and Affected Versions: LedgerSMB affected versions not specified Description: The issue allows an attacker to trick a targeted user into executing unintended actions through 'clickjacking', as LedgerSMB does not sufficiently guard against being wrapped by other...

CVSS 9.6 · AI score 6.8 · EPSS 0.03014
Exploits: 1 · References: 32

CNVD
added 2021/08/16 12:0 a.m. · 23 views

Mozilla Firefox Resource Management Error Vulnerability (CNVD-2021-90323)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a Resource Management Error vulnerability, which exists due to improper resource management within the application. The Android version of Firefox may get stuck in full-scre...

CVSS 6.5 · AI score 7 · EPSS 0.00685
Exploits: 0 · References: 1

NVD
added 2021/08/13 4:15 p.m. · 12 views

CVE-2021-32070

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

CVSS 5.8 · EPSS 0.00639
Exploits: 0 · References: 2

OSV
added 2021/08/13 4:15 p.m. · 3 views

CVE-2021-32070

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

CVSS 5.4 · AI score 6
Exploits: 0 · References: 2

Prion
added 2021/08/13 4:15 p.m. · 9 views

Design/Logic Flaw

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

CVSS 5.8 · AI score 5.3 · EPSS 0.00639
Exploits: 0 · References: 2 · Affected Software: 1

Cvelist
added 2021/08/13 3:31 p.m. · 19 views

CVE-2021-32070

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

AI score 5.6 · EPSS 0.00639
Exploits: 0 · References: 2

CVE
added 2021/08/13 3:31 p.m. · 74 views

CVE-2021-32070

The CVE-2021-32070 entry concerns the Mitel MiCollab MiCollab Client Service component prior to version 9.3, where an insecure header response could enable a clickjacking attack. An attacker could modify the browser header and redirect users, as described in the public records. No explicit exploi...

CVSS 5.8 · AI score 5.3 · EPSS 0.00639
Exploits: 0 · References: 2 · Affected Software: 1

Hacker One
added 2021/08/12 7:3 a.m. · 98 views

UPchieve: CLICKJACKING LEADS TO DEACTIVATE ACCOUNT

Hello UPCHEIVE SECURITY TEAM, I'm Anto Vulnerability : Clickjacking in https://hackers.upchieve.org/profile Steps to Reproduce: 1. Create a HTML file with following code Click the place where its shows Click 1 Click 2 Click 2 2, Save and Open it on your browser the page will be appear. Impact An...

AI score 6.4
Exploits: 0

CNNVD
added 2021/08/10 12:0 a.m. · 5 views

Mozilla Firefox Resource Management Error Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a Resource Management Error vulnerability, which exists due to improper resource management within the application. The Android version of Firefox may get stuck in full-scre...

CVSS 6.5 · AI score 7.7 · EPSS 0.00685
Exploits: 0 · References: 12

OSV
added 2021/08/09 1:15 p.m. · 3 views

CVE-2021-37788

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device...

CVSS 5.4 · AI score 6.1 · EPSS 0.01525
Exploits: 1 · References: 1

NVD
added 2021/08/09 1:15 p.m. · 18 views

CVE-2021-37788

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device...

CVSS 5.4 · EPSS 0.01525
Exploits: 1 · References: 1

Prion
added 2021/08/09 1:15 p.m. · 30 views

Input validation

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device...

CVSS 4.3 · AI score 5.5 · EPSS 0.01525
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2021/08/09 12:32 p.m. · 51 views

CVE-2021-37788

The CVE-2021-37788 case concerns Gurock TestRail web UI version 5.3.0.3603. The root cause is insufficient input validation of iFrame data in HTTP requests, enabling an unauthenticated, remote attacker to perform a clickjacking attack and potentially affect device integrity. Connected sources (PT...

CVSS 5.4 · AI score 5.5 · EPSS 0.01525
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2021/08/09 12:32 p.m. · 18 views

CVE-2021-37788

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device...

AI score 5.8 · EPSS 0.01525
Exploits: 1 · References: 1