CVE-2021-3731
5.9MEDIUMLedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.
Опубликовано: 8/23/2021Обновлено: 11/21/2024
Описание
LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.
ИИ-АнализНа базе ИИ
Затронутые продукты
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
debiandebian_linux
10.0
debiandebian_linux
11.0
Ссылки
- https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888aThird Party Advisory
- https://ledgersmb.org/cve-2021-3731-clickjackingVendor Advisory
- https://www.debian.org/security/2021/dsa-4962Third Party Advisory
- https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888aThird Party Advisory
- https://ledgersmb.org/cve-2021-3731-clickjackingVendor Advisory
- https://www.debian.org/security/2021/dsa-4962Third Party Advisory