Lucene search
K

512 matches found

OSV
OSV
added 2026/01/16 7:50 p.m.4 views

CVE-2026-23731 WeGIA Clickjacking Vulnerability

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, The web application is vulnerable to clickjacking attacks. The WeGIA application does not send any defensive HTTP headers related to framing protection. In particular, X-Frame-Options is missing andContent-Security-Policy with...

4.3CVSS6.4AI score0.00272EPSS
Exploits1References5
OSV
OSV
added 2026/01/15 9:16 p.m.5 views

CVE-2025-52987

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

6.1CVSS5.8AI score0.00242EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/15 8:10 p.m.4 views

CVE-2025-52987

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

6.1CVSS5.5AI score0.00242EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/15 8:10 p.m.5 views

EUVD-2026-2709

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

6.1CVSS6.4AI score0.00242EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/15 8:10 p.m.26 views

CVE-2025-52987 Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

6.1CVSS0.00242EPSS
Exploits0References2
CVE
CVE
added 2026/01/15 8:10 p.m.21 views

CVE-2025-52987

CVE-2025-52987 is a clickjacking vulnerability in Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) caused by the web portal failing to set proper X-Frame-Options and X-Content-Type headers. Affected are all Paragon Automation versions prior to 24.1.1. Practical impact described...

6.1CVSS6.5AI score0.00242EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/15 8:10 p.m.3 views

CVE-2025-52987 Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

6.1CVSS6.5AI score0.00242EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.12 views

CVE-2019-11464

Some enterprises require that REST API endpoints include security-related headers in REST responses. Headers such as X-Frame-Options and X-Content-Type-Options are generally advisable, however some information security professionals additionally look for X-Permitted-Cross-Domain-Policies and...

6.1CVSS6.7AI score0.00851EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:50 a.m.6 views

CVE-2013-6772

Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking...

4.3CVSS7AI score0.00683EPSS
Exploits0References1
NVD
NVD
added 2026/01/05 6:15 p.m.4 views

CVE-2025-65922

PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...

4.3CVSS0.0014EPSS
Exploits0References2
OSV
OSV
added 2026/01/05 6:15 p.m.5 views

CVE-2025-65922

PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References2
CVE
CVE
added 2026/01/05 12:0 a.m.11 views

CVE-2025-65922

CVE-2025-65922 affects PLANKA 2.0.0. The issue is missing X-Frame-Options and CSP frame-ancestors headers, allowing the app to be embedded in malicious iframes which could enable UI redressing and phishing on overlay forms. The supplier disputes the risk, citing SameSite=Strict cookies and cross-...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/05 12:0 a.m.5 views

CVE-2025-65922

PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...

6.2AI score0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.7 views

PT-2026-1317

Name of the Vulnerable Software and Affected Versions PLANKA version 2.0.0 Description The application does not implement X-Frame-Options and CSP frame-ancestors headers, which allows it to be embedded within malicious iframes. This can expose users to phishing attacks through UI Redressing,...

4.3CVSS6.5AI score0.0014EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-3003

Malware in sbrugna...

4.3CVSS6.4AI score0.009EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-3137

Malware in sbrugna...

6.1CVSS6.3AI score0.00851EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-5179

Malware in sbrugna...

4.3CVSS6.1AI score0.01743EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-3086

Malware in sbrugna...

4.3CVSS6.4AI score0.01816EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-1723

Malware in sbrugna...

4CVSS9.2AI score0.01661EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-13776

Malware in sbrugna...

4.7CVSS4.9AI score0.00599EPSS
Exploits0References2
Rows per page
Query Builder