Description

Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Remediation

References

CVE-2011-2892

Related Vulnerabilities

Oracle Database Server CVE-2020-2731 Vulnerability (CVE-2020-2731)

WordPress Plugin Role Scoper Cross-Site Scripting (1.3.64)

Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)

WordPress Plugin Stetic Cross-Site Request Forgery (1.0.6)

Oracle HTTP Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-25236)

Severity

Medium

Classification

CVE-2011-2892 CWE-20

Tags

Missing Update Known Vulnerabilities