BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking vulnerability caused by allowing * within web_accessible_resources. An attacker can take advantage of this vulnerability and cause significant harm.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/153405/Quarking-Password-Manager-3.1.84-Clickjacking.html | |
http://seclists.org/fulldisclosure/2019/Jun/31 | Mailing List Third Party Advisory |
https://chrome.google.com/webstore/detail/quarking-password-manager/gfkmpfajamepgekgohcdnjogmeamcdmm?hl=en | Product Vendor Advisory |
http://packetstormsecurity.com/files/153405/Quarking-Password-Manager-3.1.84-Clickjacking.html | |
http://seclists.org/fulldisclosure/2019/Jun/31 | Mailing List Third Party Advisory |
https://chrome.google.com/webstore/detail/quarking-password-manager/gfkmpfajamepgekgohcdnjogmeamcdmm?hl=en | Product Vendor Advisory |
Configurations
History
21 Nov 2024, 04:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/153405/Quarking-Password-Manager-3.1.84-Clickjacking.html - | |
References | () http://seclists.org/fulldisclosure/2019/Jun/31 - Mailing List, Third Party Advisory | |
References | () https://chrome.google.com/webstore/detail/quarking-password-manager/gfkmpfajamepgekgohcdnjogmeamcdmm?hl=en - Product, Vendor Advisory |
Information
Published : 2019-06-24 19:15
Updated : 2024-11-21 04:23
NVD link : CVE-2019-12880
Mitre link : CVE-2019-12880
CVE.ORG link : CVE-2019-12880
JSON object : View
Products Affected
bcnquark
- quarking_password_manager
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames