3802 matches found
CVE-2017-6504
WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking...
CVE-2017-6504
CVE-2017-6504 affects the qBittorrent WebUI prior to 3.3.11, where the application did not set the X-Frame-Options header, potentially enabling clickjacking. Public details in the provided documents confirm the vulnerable component (WebUI), the condition (before 3.3.11), and the impact (clickjack...
IBM WebSphere Message Broker Clickjacking Vulnerability
IBM WebSphere Message Broker now known as IBM Integration Bus is an enterprise service bus ESB product from IBM, USA. The product provides connectivity and common data transformations for Service Oriented Architecture SOA environments and non-SOA environments. A clickjacking vulnerability exists ...
Brave Software: Clickjacking or URL Masking
I am able to reproduce the bug in : Brave: 0.13.2 rev: 25b1199fb6154b089cbad37926483239495b9800 Muon: 2.0.19 libchromiumcontent: 54.0.2840.100 V8: 5.4.500.41 Node.js: 7.0.0 Update Channel: dev os.platform: win32 os.release: 6.1.7601 os.arch: x64 Steps to reproduce : 1. Open click.html 2. Then try...
WebSummit: found a vulnerability in your website
the vulnerability in your website is something called clickjacking or x-frame options header not set . when X-frame options header is not included in the HTTP the attacker can attack your website by clickjacking. so what is x-frame options? The X-Frame-Options HTTP response header can be used to...
CVE-2016-9000
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
CVE-2016-9000
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
Cross site scripting
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
CVE-2016-9000
IBM InfoSphere DataStage is affected by CVE-2016-9000, a Cross‑Frame Scripting issue caused by insufficient HTML iframe protection. A remote attacker could entice a user to visit a crafted URL to load a page under the attacker’s control, enabling clickjacking or other client‑side browser attacks....
CVE-2016-9000
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...
CVE-2016-5984
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...
CVE-2016-5984
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...
Cross site scripting
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...
CVE-2016-5984
CVE-2016-5984 affects IBM InfoSphere Information Server and ISF/InfoSphere on Cloud. The vulnerability is a cross-frame scripting issue due to insufficient HTML iframe protection, enabling a remote attacker to use a crafted URL to perform clickjacking or similar client-side browser attacks. Affec...
CVE-2016-5984
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...
CVE-2016-9413
The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2016-9413
The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
Code injection
The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2016-9413
The CVE-2016-9413 entry affects MyBB Admin control panel and MyBB Merge System prior to 1.8.7. The underlying issue is clickjacking via unspecified vectors, enabling remote attackers to perform clickjacking against affected admin interfaces. The vulnerable components are the Admin control panel a...
CVE-2016-9413
The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...