CVE-2021-37788

Published: Aug 9, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted HTTP packets with malicious iFrame data. A successful exploit could allow the attacker to perform a clickjacking attack where the user is tricked into clicking a malicious link.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/rvismit/67bc11dd9ccb7423827564cb81d25740

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-37788

Description

Affected Products

References