208 matches found
Cisco Unified Communications Manager Cross-Frame Scripting Vulnerability
A vulnerability in the web UI of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline...
CVE-2018-1432
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking...
CVE-2018-1432
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking...
Cross site request forgery (csrf)
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking...
CVE-2018-1432
CVE-2018-1432 affects IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7. The issue is cross-frame scripting that allows loading Information Server components inside an HTML iframe on a malicious page, enabling a potential clickjacking/ phishing scenario. The provided documents do not sp...
CVE-2018-1432
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking...
IBM InfoSphere Information Server Cross-Frame Scripting Vulnerability
IBM InfoSphere Information Server is a data integration platform that includes a range of products that enable you to understand, cleanse, monitor, transform, and transfer data, as well as collaborate to bridge the gap between business and IT. A cross-framework scripting vulnerability exists in I...
Design/Logic Flaw
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against a user of the web UI of the affected software. The vulnerability is due to insufficient protections for HTML inline frames...
CVE-2018-0326
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against a user of the web UI of the affected software. The vulnerability is due to insufficient protections for HTML inline frames...
CVE-2018-0326
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against a user of the web UI of the affected software. The vulnerability is due to insufficient protections for HTML inline frames...
CVE-2018-0326
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against a user of the web UI of the affected software. The vulnerability is due to insufficient protections for HTML inline frames...
CVE-2018-0326
Cisco TelePresence Server Software web UI is affected by CVE-2018-0326 due to insufficient protections for HTML iframe embeds, enabling an unauthenticated attacker to perform a cross-frame scripting attack via a user-nes navigated, attacker-controlled page containing a malicious iframe. The resul...
CVE-2018-0326
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against a user of the web UI of the affected software. The vulnerability is due to insufficient protections for HTML inline frames...
Cisco TelePresence Server Cross-Frame Scripting Vulnerability
Cisco TelePresence Server Software is the United States of America Cisco Cisco is a set of video conferencing solutions known as "TelePresence" system. The program provides audio, video space and other components for remote participants to provide a "face-to-face" virtual meeting room effect. web...
Cisco TelePresence IX5000 Series and TelePresence TX9000 Series Cross-Frame Scripting Vulnerability
A vulnerability in the web UI of Cisco TelePresence IX5000 Series Software and Cisco TelePresence TX9000 Series Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against a user of the web UI of the affected software. The vulnerability is due to...
CVE-2017-12258
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames iframes...
CVE-2017-12258
CVE-2017-12258 affects Cisco Unified Communications Manager (CUCM) Web UI. The flaw stems from insufficient protections for HTML inline frames (iframes), enabling an unauthenticated, remote attacker to direct a user to a page containing a malicious iframe to perform a click-jacking/XSF-style brow...
Cisco Unified Communications Manager Cross-Frame Scripting Vulnerability
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames iframes...
CVE-2017-3155
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...
PYSEC-2017-111
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...