CVE-2024-1890

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-1021
View all →

Vulnerability Description

Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier.

Related Vulnerabilities

CVE-2019-4285

MEDIUM
CVSS:5.4(Medium)

IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attack...

CWE-10212019

CVE-2020-15793

MEDIUM
CVSS:5.4(Medium)

A vulnerability has been identified in Desigo Insight (All versions). The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could all...

CWE-10212020

CVE-2020-2105

MEDIUM
CVSS:5.4(Medium)

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

CWE-10212020

CVE-2020-4165

MEDIUM
CVSS:5.4(Medium)

IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit th...

CWE-10212020

CVE-2020-4195

MEDIUM
CVSS:5.4(Medium)

IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could...

CWE-10212020

CVE-2020-4406

MEDIUM
CVSS:5.4(Medium)

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1...

CWE-10212020