CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2892

Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://bl0g.yehg.net/2011/04/joomla-161-and-lower-information.html
http://developer.joomla.org/security/news/347-20110409-core-clickjacking.html
http://bl0g.yehg.net/2011/04/joomla-161-and-lower-information.html
http://developer.joomla.org/security/news/347-20110409-core-clickjacking.html

Products affected by CVE-2011-2892

Joomla » Joomla! » Version: 1.6

cpe:2.3:a:joomla:joomla!:1.6
Joomla » Joomla! » Version: 1.6.0

cpe:2.3:a:joomla:joomla!:1.6.0
Joomla » Joomla! » Version: 1.6.1

cpe:2.3:a:joomla:joomla!:1.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2892

Products

Pricing

Contact Us