Open exponentcms opened 4 years ago
Hello Exponent,
While looking into your CMS I found that it's vulnerable to clickjacking.
By using clickjacking, an attacker can directly bypass the referer-based CSRF protection, which will be exploited on the victim side.
Please see the attached screenshot, and to know how it can be exploited kindly read my blog post on this same vulnerability:
http://hacktivity.websecgeeks.com/linkedin-clickjacking/
Will look forward to hearing from you.
So what are you going to do next about this issue?
[bulk edit]
Lighthouse URL: https://exponentcms.lighthouseapp.com/projects/61783/tickets/1233
Hi team, are there any updates on this?
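Added example, not part of the original ticket or of Exponent CMS: a check a maintainer could run over a page's response headers to see whether browsers will refuse to frame it, which is the control that addresses the clickjacking report above. The function names, the rating labels and the sample headers are assumptions made for this illustration.

```python
# Added example; the sample headers below are constructed, not taken from Exponent CMS.
STRENGTH = {"none": 0, "allowlist": 1, "same-origin": 2, "deny": 3}


def _rate_frame_ancestors(sources):
    """Rate the source list of one CSP frame-ancestors directive."""
    sources = [s.lower() for s in sources]
    if not sources or sources == ["'none'"]:
        return "deny"                # an empty source list matches nothing
    if any(s == "*" or s.endswith(":") for s in sources):
        return "none"                # wildcard or bare scheme (https:) lets any site frame
    if all(s == "'self'" for s in sources):
        return "same-origin"
    return "allowlist"


def framing_protection(headers):
    """Return 'none', 'allowlist', 'same-origin' or 'deny' for (name, value) headers."""
    csp_ratings, xfo_values = [], []
    for name, value in headers:
        name = name.strip().lower()
        if name == "content-security-policy":   # the -Report-Only variant never blocks
            for policy in value.split(","):      # a comma separates policies in one header
                for directive in policy.split(";"):
                    parts = directive.split()
                    if parts and parts[0].lower() == "frame-ancestors":
                        csp_ratings.append(_rate_frame_ancestors(parts[1:]))
                        break                    # first occurrence in a policy wins
        elif name == "x-frame-options":
            xfo_values += [v.strip().lower() for v in value.split(",") if v.strip()]
    if csp_ratings:
        # Every policy is enforced, so the strictest decides; X-Frame-Options is ignored.
        return max(csp_ratings, key=STRENGTH.get)
    if set(xfo_values) == {"deny"}:
        return "deny"
    if set(xfo_values) == {"sameorigin"}:
        return "same-origin"
    # Missing, ALLOW-FROM (not honoured by current browsers) or mixed values:
    # flag for review as unprotected.
    return "none"


if __name__ == "__main__":
    constructed = [("Content-Type", "text/html"), ("X-Frame-Options", "SAMEORIGIN")]
    print(framing_protection(constructed))
```

A result of `none` on any page that performs a state-changing action means the page can still be framed by another origin.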