Clickjacking Vulnerability in IBM InfoSphere Enterprise Records
CVE-2013-6315

Currently unrated

Key Information:

Vendor: IBM
Status: Enterprise Records; Infosphere Enterprise Records
Vendor: CVE Published:; 6 March 2014

Summary

IBM InfoSphere Enterprise Records versions prior to 4.5.1.7-IER-IF001 and 5.1.1.1-IER-IF003 are susceptible to a clickjacking vulnerability. This issue arises from inadequate restrictions on the use of FRAME elements, potentially allowing remote attackers to manipulate web content to deceive users. By exploiting this vulnerability, attackers can craft misleading web pages that can trick users into performing unintended actions, potentially compromising sensitive data.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21662911

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/88596

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 6, 2014
Vulnerability Reserved
Oct 31, 2013