Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Kenexa LMS on Cloud 点击劫持漏洞
Vulnerability Description
IBM Kenexa LMS on Cloud是美国IBM公司的一套可配置的集成了社交网络、协作和知识分享功能的企业级社交学习管理系统 (LMS)。该系统提供互动功能并支持用户对学习内容进行评价并分享自己的经验等。 IBM Kenexa LMS on Cloud中存在点击劫持漏洞。远程攻击者可通过诱使用户点击恶意的链接利用该漏洞非法操作受影响应用程序或获取敏感信息。以下版本受到影响:IBM Kenexa LMS on Cloud 4.1、4.2、4.2.2、4.2.3、4.2.4。
CVSS Information
N/A
Vulnerability Type
N/A