PT-2019-12997 · Bcn Quark · Bcn Quark Quarking Password Manager

Gionreale

Publicado

2019-06-24

Atualizado

2020-08-24

CVE-2019-12880

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions BCN Quark Quarking Password Manager version 3.1.84

Description The issue is caused by allowing * within web accessible resources, which leads to a clickjacking vulnerability. An attacker can exploit this to cause significant harm.

Recommendations For BCN Quark Quarking Password Manager version 3.1.84, consider restricting access to web accessible resources to prevent clickjacking attacks until a patch is available.

Correção

Clickjacking

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1021

Identificadores relacionados

CVE-2019-12880

Produtos afetados

Bcn Quark Quarking Password Manager

PT-2019-12997 · Bcn Quark · Bcn Quark Quarking Password Manager

CVE-2019-12880

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5