208 matches found
PYSEC-2017-111
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...
CVE-2017-3155
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...
CVE-2017-3155
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating are reported vulnerable to cross-site scripting (cross frame scripting). The connected documents confirm the affected product and vulnerability type but do not provide specific root-cause details, affected components, exploit information...
CVE-2017-3155
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...
Apache NiFi Cross-Frame Scripting Vulnerability
Apache NiFi is a data-flow based data processing and distribution system of the Apache Apache Software Foundation, USA. The system supports the configuration and transformation of data routing indicator maps and system intermediary logic. A security vulnerability exists in Apache NiFi versions...
Cross Frame Scripting
atlas-dashboardv2 is vulnerable to cross frame scripting. The library allows the use of external frames on the index page, allowing a malicious user to inject and execute arbitrary javascript via an iframe...
CVE-2016-9000
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
CVE-2016-9000
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
Cross site scripting
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
CVE-2016-9000
IBM InfoSphere DataStage is affected by CVE-2016-9000, a Cross‑Frame Scripting issue caused by insufficient HTML iframe protection. A remote attacker could entice a user to visit a crafted URL to load a page under the attacker’s control, enabling clickjacking or other client‑side browser attacks....
CVE-2016-9000
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
CVE-2016-5984
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...
CVE-2016-5984
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...
Cross site scripting
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...
CVE-2016-5984
CVE-2016-5984 affects IBM InfoSphere Information Server and ISF/InfoSphere on Cloud. The vulnerability is a cross-frame scripting issue due to insufficient HTML iframe protection, enabling a remote attacker to use a crafted URL to perform clickjacking or similar client-side browser attacks. Affec...
CVE-2016-1474
Cisco Prime Infrastructure 2.22 does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka Bug ID CSCuw65846, a different...
Cross site scripting
Cisco Prime Infrastructure 2.22 does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka Bug ID CSCuw65846, a different...
Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability
Cisco Prime Infrastructure PI is a wireless management solution through Cisco Prime LAN Management Solution and Cisco Prime Network Control System technologies. A cross-frame scripting vulnerability exists in Cisco Prime Infrastructure. Allowing an attacker to bypass the homology policy and perfo...
Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability (cisco-sa-20160803-cpi)
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to a...