LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.
{ "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "ledgersmb", "binary_version": "1.6.9+ds-1ubuntu0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "ledgersmb", "binary_version": "1.6.33+ds-1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "ledgersmb", "binary_version": "1.6.33+ds-2.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "ledgersmb", "binary_version": "1.6.33+ds-2.1" } ] }