7 matches found
CVE-2026-24839 Dokploy has a clickjacking vulnerability - Missing X-Frame-Options and CSP frame-ancestors headers
Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, the Dokploy web interface is vulnerable to Clickjacking attacks due to missing frame-busting headers. This allows attackers to embed Dokploy pages in malicious iframes and trick authenticated users into...
CVE-2026-24839
CVE-2026-24839 affects Dokploy (PaaS). In versions prior to 0.26.6, the Dokploy web interface is vulnerable to clickjacking due to missing frame-busting headers, allowing an attacker to embed Dokploy pages in malicious iframes and trick authenticated users into performing unintended actions. Vers...
CVE-2026-24839 Dokploy has a clickjacking vulnerability - Missing X-Frame-Options and CSP frame-ancestors headers
Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, the Dokploy web interface is vulnerable to Clickjacking attacks due to missing frame-busting headers. This allows attackers to embed Dokploy pages in malicious iframes and trick authenticated users into...
CVE-2025-65922
PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...
CVE-2025-65922
PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...
EUVD-2026-0827
PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...
CVE-2025-65922
PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...