| 제목 | Gym management system project ClickJacking exists on multiple pages |
|---|
| 설명 | [College Attendance System (CAS)](https://www.sourcecodester.com/visual-basic-net/15538/college-attendance-system-cas.html) Posted by SourceCodester is vulnerable to ClickJacking.
Attackers can use this vulnerability to deceive users to click, causing losses to individuals and platforms.
Clickjacking was introduced in 2008 by Internet security experts Robert Hansen and Jeremiah Grossman. It is a kind of visual deception. On the web side, it is an iframe that nests a transparent and invisible page, allowing users to click the location where the attacker wants to deceive the user to click without knowing it.
There are roughly two ways to exploit clickjacking. One is that the attacker uses a transparent iframe to overlay on a web page, and then induces the user to operate on the page. At this time, the user will click on the transparent iframe without knowing it. page, so as to achieve a certain purpose of the attacker, such as: brushing clicks, defrauding attention, etc.; second, the attacker uses a picture to cover the web page to block the meaning of the original position of the web page. |
|---|
| 원천 | ⚠️ https://github.com/Blythe-LU/Record4/blob/main/Gym%20management%20system%20project%20-%20ClickJacking%20exists%20on%20multiple%20pages.md |
|---|
| 사용자 | blythe (UID 30714) |
|---|
| 제출 | 2022. 08. 12. AM 11:16 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 08. 12. PM 12:46 (1 hour later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 206246 [SourceCodester Gym Management System 권한 상승] |
|---|
| 포인트들 | 20 |
|---|