Описание
Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:joomla:joomla\!:1.6:alpha:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:alpha2:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta1:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta10:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta11:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta12:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta13:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta14:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta15:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta2:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta3:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta4:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta5:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta6:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta7:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta8:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:beta9:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6:rc1:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00017
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
EPSS
Процентиль: 3%
0.00017
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-20