CVE-2013-4968

Puppet Enterprise before 3.0.1 allows remote attackers to 1 conduct clickjacking attacks via unspecified vectors related to the console, and 2 conduct cross-site scripting XSS attacks via unspecified vectors related to "live management."...

CVE-2013-4968

CVE-2013-4968 concerns Puppet Enterprise prior to 3.0.1. According to the provided sources, remote attackers could trigger (1) clickjacking via vectors related to the console and (2) cross-site scripting (XSS) via vectors related to “live management.” The NVD entry notes these as web-related vuln...

CVE-2013-4968

Puppet Enterprise before 3.0.1 allows remote attackers to 1 conduct clickjacking attacks via unspecified vectors related to the console, and 2 conduct cross-site scripting XSS attacks via unspecified vectors related to "live management."...

CVE-2019-5861

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

DEBIAN-CVE-2019-5861

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

CVE-2019-5861

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

CVE-2019-5861

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

Input validation

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

UBUNTU-CVE-2019-5861

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

CVE-2019-5861

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

CVE-2019-5861

CVE-2019-5861 affects Chromium/Blink prior to 76.0.3809.87, where an error in determining the click location could allow bypassing anti-clickjacking (content spoofing). Affected component: Blink/WebKit click-location logic in Chromium before the fixed version. Impact per advisories: potential con...

CVE-2019-5861

Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page...

vBulletin Clickjacking Vulnerability

vBulletin is the United States InternetBrands and vBulletinSolutions, Inc. of a PHP and MySQL-based open source Web forum program . A clickjacking vulnerability exists in versions of vBulletin prior to 5.5.4. An attacker can exploit this vulnerability to conduct clickjacking attacks against users...

IBM WebSphere eXtreme Scale Admin Console Clickjacking Vulnerability

IBM WebSphere eXtreme Scale is a distributed caching solution from IBM USA. The product supports dynamic caching, partitioning, replication, and management of application data and business logic across multiple servers.Admin Console is one of the management console programs. A security...

Stripo Inc: Clickjacking on my.stripo.email for MailChimp credentials

Clickjacking is a malicious hacking technique where attackers can acquire sensitive data. Through simple social engineering techniques these links can be sent out to unsuspecting customers to steal their credentials or perform actions on their accounts. For this example I saw that where I goto...

Mozilla Firefox ESR < 31.6 Multiple Vulnerabilities

Binary data 701254.prm...

Mozilla Firefox ESR < 24.6 Multiple Vulnerabilities

Binary data 701245.prm...

Rocket.Chat: Clickjacking in the admin page

Summary: Hello Rocket.Chat, There is a clickjacking vulnerability in a very critical page which is the admin info page. For my installation, the URL https://penetrationtester.rocket.chat/admin/users was used for creating the PoC. Description: Clickjacking User Interface redress attack, UI redress...

vBulletin < 5.5.4 Clickjacking Vulnerability

vBulletin is prone to a clickjacking vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vbulletin:vbulletin";...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

Awesome Web Security 🐶 Curated list of Web Security materials and resources. Needless to say, most websites suffer from various types of bugs which may eventually lead to vulnerabilities. Why would this happen so often? There can be many factors involved including misconfiguration, shortage of...