IBM Leads 7.x, 8.1.0 prior to 8.1.0.14, 8.2, 8.5.0 prior to 8.5.0.7.3, 8.6.0 prior to 8.6.0.8.1, 9.0.0 up to and including 9.0.0.4, 9.1.0 prior to 9.1.0.6.1, and 9.1.1 prior to 9.1.1.0.2 does not properly restrict use of FRAME elements, which allows remote authenticated users to conduct phishing attacks via a crafted web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm leads 7.1.0 |
||
ibm leads 7.1.1 |
||
ibm leads 8.1.0 |
||
ibm leads 8.5.0 |
||
ibm leads 8.6.0 |
||
ibm leads 9.0.0 |
||
ibm leads 9.1.0 |
||
ibm leads 9.1.1 |
||
ibm leads 7.5.0 |
||
ibm leads 8.2.0 |