Menu
▾
▴
#4829 Webmin Vulnerable to ClickJacking attack
Hi Team,
I have identified that webmin is vulnerable to clickjacking attack, where an attacker might open the webmin in any html IFRAME tag and hijacks the user clicks.
This may allow an attacker to use the webmin as a source to steal sensitive information like credentials which a user might be entering to log in to webmin and use these credentials to log in to Webmin.
I also have fix and where to apply this fix.
Let me know if any concern
Yes, please provide more details. However, webmin should block framing itself by default.