zhukov / webogram

Telegram web application, GPL v3
https://web.telegram.org
GNU General Public License v3.0

Webogram JS Clickjacking busting bypass #1127

Closed SymbianSyMoh closed 8 years ago

SymbianSyMoh commented 8 years ago

Hi, Here's more details: https://www.seekurity.com/blog/general/telegram-web-client-clickjacking-vulnerability/

ingria commented 8 years ago

The Fix: This bug has been fixed now, Telegram Web Client applied “X-Frame-Options” header on server side!

SymbianSyMoh commented 8 years ago

Hi @codefuhrer, I'm the reporter of the bug and sure, I know that they have fixed it. But regarding Webogram, it has to have a mitigation in place by adding a user caution or a configuration option to apply the header by default!