3 matches found
CVE-2023-4958 Stackrox: missing http security headers allows for clickjacking in web ui
In Red Hat Advanced Cluster Security RHACS, it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...
CVE-2023-4958
CVE-2023-4958 affects Red Hat Advanced Cluster Security (RHACS). The vulnerability is that some security-related HTTP headers are missing in RHACS web UI, enabling a clickjacking-style attack where an attacker entices a valid RHACS user to visit a malicious page that redirects to RHACS endpoints,...
CVE-2023-4958 Stackrox: missing http security headers allows for clickjacking in web ui
In Red Hat Advanced Cluster Security RHACS, it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...