| عنوان | Gym management system project ClickJacking exists on multiple pages |
|---|
| الوصف | [College Attendance System (CAS)](https://www.sourcecodester.com/visual-basic-net/15538/college-attendance-system-cas.html) Posted by SourceCodester is vulnerable to ClickJacking.
Attackers can use this vulnerability to deceive users to click, causing losses to individuals and platforms.
Clickjacking was introduced in 2008 by Internet security experts Robert Hansen and Jeremiah Grossman. It is a kind of visual deception. On the web side, it is an iframe that nests a transparent and invisible page, allowing users to click the location where the attacker wants to deceive the user to click without knowing it.
There are roughly two ways to exploit clickjacking. One is that the attacker uses a transparent iframe to overlay on a web page, and then induces the user to operate on the page. At this time, the user will click on the transparent iframe without knowing it. page, so as to achieve a certain purpose of the attacker, such as: brushing clicks, defrauding attention, etc.; second, the attacker uses a picture to cover the web page to block the meaning of the original position of the web page. |
|---|
| المصدر | ⚠️ https://github.com/Blythe-LU/Record4/blob/main/Gym%20management%20system%20project%20-%20ClickJacking%20exists%20on%20multiple%20pages.md |
|---|
| المستخدم | blythe (UID 30714) |
|---|
| ارسال | 12/08/2022 11:16 AM (4 سنوات منذ) |
|---|
| الاعتدال | 12/08/2022 12:46 PM (1 hour later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 206246 [SourceCodester Gym Management System تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|