3800 matches found
HP Matrix Operating Environment Point Hijacking Vulnerability
HP Matrix Operating Environment is a suite of cloud management software designed for infrastructure services from Hewlett-Packard HP. A point hijacking vulnerability exists in HP Matrix Operating Environment version 7.6 LR1, which can be exploited by an attacker to conduct a clickjacking attack v...
HP Matrix Operating Environment Point Hijacking Vulnerability (CNVD-2017-37920)
HP Matrix Operating Environment is a suite of cloud management software designed for infrastructure services from Hewlett-Packard HP. A point hijacking vulnerability exists in HP Matrix Operating Environment version 7.6 LR1, which can be exploited by an attacker to conduct a clickjacking attack v...
Adobe Connect Clickjacking Vulnerability
Adobe Connect is an online video conferencing software. A clickjacking vulnerability exists in Adobe Connect 9.6.2 and earlier versions. A remote user can exploit the vulnerability to hijack a target user's mouse clicks to act as the target user to perform actions on a website and obtain...
Adobe Connect Multiple Vulnerabilities (APSB17-35)
Adobe Connect is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:connect"; ifdescription...
APSB17-35 Security update available for Adobe Connect
Adobe has released a security update for Adobe Connect. This update resolves a critical Server-Side Request Forgery SSRF vulnerability CVE-2017-11291 that could be abused to bypass network access controls. This update also resolves three input validation vulnerabilities rated Important...
Semrush: Following links are vulnerable to clickjacking
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: The below list...
CVE-2017-11461
NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...
CVE-2017-11461
NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...
Design/Logic Flaw
NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...
CVE-2017-11461
NetApp OnCommand Unified Manager for 7-mode core package versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface...
CVE-2017-11461
CVE-2017-11461 concerns NetApp OnCommand Unified Manager for 7-mode (core package) prior to version 5.2.1. The issue is a UI redress/clickjacking vulnerability that could cause a user to perform an unintended action within the web interface. The affected software is the OnCommand Unified Manager ...
MediaWiki Multiple Vulnerabilities (Aug 2012) - Linux
MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...
MediaWiki Multiple Vulnerabilities (Aug 2012) - Windows
MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...
Khan Academy: Frameset(Frame) html tag is allowed in html editor.(can lead to clickjacking)
Hello Sir/Mam , I was using the html editor in computer programming section , which allowed me to design a webpage. When i use the iframe tag , object tag and embed tag it show me the message that these tags are not allowed for security reasonsmay be cause of clickjacking attack or something but...
IBM Infosphere BigInsights Clickjacking Vulnerability
IBM InfoSphere BigInsights is a suite of software platforms for storing and analyzing "Big Data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data. A security vulnerability exists in IBM Infosphere...
Gratipay: Bypassing X-frame options
bypass X-Frame-Options Proxy protection NOT used DomainUsing: gratipay.com Proxy protection NOT used , i can bypass X-Frame-Options header and recreate clickjacking on the whole domain. I see that you don't have a reverse proxy protection this allows all users to proxy your website rather than...
Design/Logic Flaw
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...
CVE-2012-4379
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...
CVE-2012-4379
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...
DEBIAN-CVE-2012-4379
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element...