IBM Spectrum Protect Plus 安全漏洞

IBM Spectrum Protect Plus is a data protection and availability solution for virtualized environments that can be deployed in minutes and protect your environment in less than an hour. A clickjacking vulnerability exists in IBM Spectrum Protect Plus 10.1.0 - 10.1.6. An attacker can exploit this...

Security Bulletin: Multiple vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-5017, CVE-2020-5018, CVE-2020-5019, CVE-2020-5020, CVE-2020-5021, CVE-2020-5022)

Summary IBM Spectrum Protect Plus is vulnerable to exposure of sensitive data, clickjacking, HTTP header injection, failure to invalidate sessions, and unauthorized access to information. Vulnerability Details CVEID: CVE-2020-5018 DESCRIPTION: IBM Spectrum Protect Plus may include sensitive...

Vidyo Clickjacking Vulnerability

Vidyo is a software used to support video conferencing from Vidyo, Inc. in the United States. A clickjacking vulnerability exists in Vidyo version 02-09-/D. The vulnerability stems from the absence of protection such as X-Frame-Options, which could be exploited by an attacker to achieve...

Unspecified Vulnerability in Ec-cube

Ec-cube is an open source e-commerce system of the Japanese company Ec-cube . A security vulnerability exists in EC-CUBE versions 3.0.0 through 3.0.18, which stems from Failure to properly restrict the rendering of UI layers or frames can lead to clickjacking attacks. If a user accesses a special...

CVE-2020-35735

Vidyo 02-09-/D allows clickjacking via the portal/ URI...

Code injection

Vidyo 02-09-/D allows clickjacking via the portal/ URI...

CVE-2020-35735

Vidyo 02-09-/D allows clickjacking via the portal/ URI...

CVE-2020-35735

Vidyo CVE-2020-35735 concerns a clickjacking vulnerability in Vidyo 02-09-/D. CNVD-2021-01558 and related records indicate the issue stems from the absence of protective headers such as X-Frame-Options, enabling clickjacking via the portal URI. No explicit exploit details, affected versions beyon...

Vidyo 安全漏洞

Vidyo is a software used to support video conferencing from Vidyo, Inc. in the United States. A clickjacking vulnerability exists in Vidyo version 02-09-/D. The vulnerability stems from the absence of protection such as X-Frame-Options, which could be exploited by an attacker to achieve...

Unspecified Vulnerability in Mozilla FireFox (CNVD-2021-00393)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 83, which stems from the fact that a cross-domain iframe containing a login form may have been recognized and populated by the login...

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

Cross site scripting

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

CVE-2020-26962

CVE-2020-26962 affects Mozilla Firefox up to version 82 (Firefox

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

Clickjacking

WebUI is vulnerable to clickjacking. The vulnerability existed when the X-Frame-Options header is not set...

CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...

CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...

Input validation

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...