Clickjacking Vulnerability in Simple Machines Forum by Simple Machines
CVE-2013-7234

Currently unrated

Key Information:

Vendor: Simplemachines
Status: Simple Machines Forum
Vendor: CVE Published:; 29 April 2014

🔔 Create Simplemachines Vulnerability Alert

What is CVE-2013-7234?

The vulnerability allows remote attackers to exploit a lack of proper X-Frame-Options header, making users susceptible to clickjacking attacks. This could lead to unauthorized actions performed on behalf of the user, jeopardizing their data and security.

References

http://www.openwall.com/lists/oss-security/2013/12/30/1

mailing-listx_refsource_MLIST

http://www.openwall.com/lists/oss-security/2013/12/30/3

mailing-listx_refsource_MLIST

http://seclists.org/fulldisclosure/2013/Dec/83

mailing-listx_refsource_FULLDISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2014
Vulnerability Reserved
Dec 29, 2013