CVE-2019-16193

CVE-2019-16193 affects ArcGIS Enterprise 10.6.1. A crafted IFRAME can trigger a Cross Frame Scripting (XFS) attack via the EDIT MY PROFILE feature. Public records (NVD) cite CVSS v2 base 3.5 (LOW) and CVSS v3.1 base 5.4 (MEDIUM); attack vector: NETWORK, user interaction required (CVSS3.1), and pa...

CVE-2019-3639 MWG UI: Cross-Frame Scripting vulnerability

Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway MWG 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header...

CVE-2019-3635 MWG Proxy: Cross-Frame Scripting vulnerability

Exfiltration of Data in McAfee Web Gateway MWG 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe...

Security Bulletin: IBM InfoSphere Information Server is affected by a Cross-Frame Scripting vulnerability.

Summary IBM InfoSphere Information Server is affected by a Cross-Frame Scripting vulnerability. Vulnerability Details CVEID: CVE-2019-4237 DESCRIPTION: A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server can allow an attacker to load the vulnerable application inside an HTM...

CVE-2019-4237

A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419...

CVE-2019-4237

A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419...

Cross site scripting

A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419...

CVE-2019-4237

CVE-2019-4237 affects IBM InfoSphere Information Server (and Information Governance Catalog; on Cloud) versions 11.3, 11.5, and 11.7. It is a Cross-Frame Scripting vulnerability that can allow loading the vulnerable application inside an HTML iframe on a malicious page. Root cause details are not...

CVE-2019-4237

A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419...

PT-2019-16985 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server versions 11.3 through 11.7 Description: A Cross-Frame Scripting issue allows an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. Recommendations: For IBM InfoSphere...

IBM InfoSphere Information Server Cross-Frame Scripting Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. A security vulnerability exists in IBM InfoSphere Information Server. An attacker could exploit the...

Security Bulletin: IBM InfoSphere DataStage is vulnerable to Cross-Frame Scripting issue (CVE-2016-9000)

Summary IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. Vulnerability Details CVEID: CVE-2016-9000 DESCRIPTION: IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to Cross-Frame Scripting issue (CVE-2016-5984)

Summary IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. Vulnerability Details CVEID: CVE-2016-5984 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe...

Security Bulletin: API Connect is affected by a Cross Frame Scripting vulnerability CVE-2017-1551

Summary API Connect has addressed the following vulnerability. IBM API Connect could allow a remote attacker to hijack the clicking action of the victim. Vulnerability Details CVEID: CVE-2017-1551 DESCRIPTION: IBM API Connect could allow a remote attacker to hijack the clicking action of the...

CVE-2018-0355

A vulnerability in the web UI of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline...

CVE-2018-0355

A vulnerability in the web UI of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline...

Cross site scripting

A vulnerability in the web UI of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline...

CVE-2018-0355

A vulnerability in the web UI of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline...

CVE-2018-0355

A vulnerability in the web UI of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to conduct a cross-frame scripting XFS attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline...

CVE-2018-0355

Cisco CUCM Web UI is affected by a Cross-Frame Scripting (XFS) vulnerability due to insufficient iframe protections. An unauthenticated, remote attacker could lure a user to an attacker-controlled page containing a malicious iframe, enabling clickjacking or other client-side browser attacks on th...