3800 matches found
CVE-2013-6772
CVE-2013-6772 affects Splunk versions before 5.0.4 and is due to a missing X-Frame-Options header, enabling Clickjacking. The vulnerability is documented across multiple sources (NVD/Red Hat/PRION) with the impact described as lack of frame-backing control. There are no explicit exploit details or i...
CVE-2013-6772
Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking...
Nord Security: UI Redressing (Clickjacking) vulnerability
Summary: Hello Team, When I'm testing your website I have found the vulnerability which is called Clickjacking. Description: Clickjacking is also known as a UI redress attack. By this vulnerability an attacker can hijack the site which is vulnerable to clickjacking. When an attacker uses multiple transparen...
Nord Security: Clickjacking at join.nordvpn.com
PoC at attach Create a new HTML file Put Save the file Open document in browser Impact https://www.owasp.org/index.php/Clickjacking...
Automattic: Modify account details by exploiting clickjacking vulnerability on refer.wordpress.com
Summary: I have found that there is no protection for clickjacking on refer.wordpress.com so an attacker can exploit it to change users' details. This clickjacking is on authenticated pages so it is a very critical vulnerability. Steps To Reproduce: 1. Create an HTML file with the following content...
IBM Financial Transaction Manager for SWIFT Services Clickjacking Vulnerability
IBM Financial Transaction Manager for SWIFT Services is a financial transaction manager product from IBM in the United States. The product is primarily used for monitoring, tracking and reporting financial payments and transactions. A clickjacking vulnerability exists in IBM Financial Transaction...
Security Bulletin: Clickjacking vulnerability in IBM Operations Analytics - Log Analysis (CVE-2019-4215)
Summary There is a clickjacking vulnerability in IBM Operations Analytics - Log Analysis Vulnerability Details CVEID: CVE-2019-4215 DESCRIPTION: CVSS Base score: 6.1 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159186 for the current score. CVSS Vector:...
Security Bulletin: IBM Tivoli Netcool Impact Configuration and Deployment Management Clickjacking
Summary IBM Tivoli Netcool Impact did not handle Clickjacking. Vulnerability Details Third Party Entry: PSIRT-ADV0014970 DESCRIPTION: CVSS Base score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Affected Products and Versions Affected Products| Versions ---|--- IBM Tivoli Netcoo...
Pornhub: Self-XSS to Good-XSS - pornhub.com
The researcher was able to bypass the site-wide clickjacking protection (the X-Frame-Options header) in order to fully automate the exploitation of a self-XSS vulnerability, allowing attackers to execute arbitrary JavaScript payloads on the pornhub domain through iframes hosted on a third-party website...
IBM Financial Transaction Manager for SWIFT Services Multiple Security Vulnerabilities
Description IBM Financial Transaction Manager for SWIFT Services is prone to the following security vulnerabilities: 1. A clickjacking vulnerability 2. A cross-site scripting vulnerability 3. An information-disclosure vulnerability 4. A cross-site request-forgery vulnerability An attacker can...
The vulnerability in the Administrator web console of the McAfee Web Gateway web server allows a perpetrator to carry out a clickjacking attack.
The vulnerability of the Administrator web console of the McAfee Web Gateway lies in insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out a clickjacking attack using a specially crafted web page...
Clickjacking Vulnerability Exists in Intesync Solismed
Intesync Solismed is a clinic management system designed for use by independent and free clinics. A clickjacking vulnerability exists in Intesync Solismed. An attacker can exploit this vulnerability to hijack user clicks and perform arbitrary actions on behalf of the user...
CVE-2019-15930
Intesync Solismed 3.3sp allows Clickjacking...
Security feature bypass
Intesync Solismed 3.3sp allows Clickjacking...
CVE-2019-15930
CVE-2019-15930: Intesync Solismed 3.3sp is affected by a clickjacking vulnerability. Multiple connected sources describe that an attacker could exploit this flaw to hijack user clicks and perform arbitrary actions on behalf of the user within Solismed. The Red Hat/CNVD/NVD entries corroborate the...
CVE-2013-4968
Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspecified vectors related to the console, and (2) conduct cross-site scripting (XSS) attacks via unspecified vectors related to "live management."...
Cross site scripting
Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspecified vectors related to the console, and (2) conduct cross-site scripting (XSS) attacks via unspecified vectors related to "live management."...