4 matches found
Sifchain: Clickjacking at sifchain.finance
Hi team, While performing security testing of your website i have found the vulnerability called Clickjacking. Many URLS are in scope and vulnerable to Clickjacking. What is Clickjacking ? Clickjacking User Interface redress attack, UI redress attack, UI redressing is a malicious technique of...
Sifchain: Clickjacking /framing on sensitive Subdomain
Vulnerability Name : Clickjacking /framing Vulnerability Description : Clickjacking is an interface-based attack in which user is tricked into clicking on actionable content on a hidden website by clicking on some other content in a decoy website . Vulnerable Url :...
Sifchain: Wordpress Users Disclosure (/wp-json/wp/v2/users/) on sifchain.finance
Information: Using REST API, we can see all the WordPress users/author with some of their information. Step To Reproduce: You can get user info by entering below url in your browser: https://www.sifchain.finance/wp-json/wp/v2/users/ Results:...
Sifchain: CORS misconfiguration
Description: Affected website: https://sifchain.finance/wp-json/oembed/1.0/embed?url=https://sifchain.finance/&format=xml Step-by-step Reproduction : 1. Send this request: javascript GET /wp-json/oembed/1.0/embed?url=https://sifchain.finance/&format=xml HTTP/1.1 Host: sifchain.finance...