Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Lack of protection mechanisms against Clickjacking attacks
Vulnerability Description
The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an attacker can embed the application inside a maliciously crafted IFRAME and trick users into performing unintended actions, including potentially bypassing CSRF/XSRF defenses.
CVSS Information
N/A
Vulnerability Type
不当限制渲染UI层或帧
Vulnerability Title
CGM CLININET 安全漏洞
Vulnerability Description
CGM CLININET是德国CGM公司的一款医院信息管理系统。 CGM CLININET存在安全漏洞,该漏洞源于未实施任何防止点击劫持攻击的机制,可能导致攻击者将应用程序嵌入恶意制作的IFRAME中并诱使用户执行意外操作。
CVSS Information
N/A
Vulnerability Type
N/A