PT-2011-2320 · Piwik · Piwik

Robocoder

Published

2011-01-10

Updated

2019-11-21

CVE-2011-0399

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Piwik versions prior to 1.1

Description The issue allows remote attackers to conduct clickjacking attacks via a crafted web site, making it easier to perform malicious actions by rendering the login form inside a frame in a third-party HTML document.

Recommendations For versions prior to 1.1, update to version 1.1 or later to prevent the rendering of the login form inside a frame in a third-party HTML document and mitigate the risk of clickjacking attacks.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2011-0399

Affected Products

Piwik

PT-2011-2320 · Piwik · Piwik

CVE-2011-0399

Related Identifiers

Affected Products

References · 7