CWE-1021

CVE-2019-17131

February 26, 2023 by

vBulletin before 5.5.4 allows clickjacking.

LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim’s account on a previously visited web site, because do_popupregister can be bypassed via clickjacking.

CVE-2019-16175

February 26, 2023 by

A clickjacking vulnerability was found in Limesurvey before 3.17.14.

CVE-2019-15930

February 26, 2023 by

Intesync Solismed 3.3sp allows Clickjacking.

CVE-2019-12880

February 26, 2023 by

BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking vulnerability caused by allowing * within web_accessible_resources. An attacker can take advantage of this vulnerability and cause significant harm.

CVE-2019-0305

February 26, 2023 by

Java Server Pages (JSPs) provided by the SAP NetWeaver Process Integration (SAP_XIESR and SAP_XITOOL: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not restrict or incorrectly restrict frame objects or UI layers that belong to another application or domain, resulting in Clickjacking vulnerability. Successful exploitation of this vulnerability leads to unwanted modification of user’s data.