3 matches found
CVE-2019-19001
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentia...
CVE-2019-19001
creationtimestamp| type| source ---|---|--- 2020-04-03 02:28:14+00:00| seen| https://t.me/cibsecurity/10972...
CVE-2019-19001
ABB eSOMS is affected by CVE-2019-19001 due to the absence of the X-Frame-Options header in HTTP responses for versions 4.0 to 6.0.2. This can enable ClickJacking by framing parts of the application on a malicious site, potentially exposing sensitive user credentials. Root cause: HTTP responses l...