描述
LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.
AI分析AI驱动
受影响产品
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
ledgersmbledgersmb
debiandebian_linux
10.0
debiandebian_linux
11.0
参考资料
- https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888aThird Party Advisory
- https://ledgersmb.org/cve-2021-3731-clickjackingVendor Advisory
- https://www.debian.org/security/2021/dsa-4962Third Party Advisory
- https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888aThird Party Advisory
- https://ledgersmb.org/cve-2021-3731-clickjackingVendor Advisory
- https://www.debian.org/security/2021/dsa-4962Third Party Advisory