cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Understanding Clickjacking Vulnerabilities

713
Views
0
Helpful
0
Comments

Clickjacking is when a threat actor leverages multiple transparent or opaque layers to trick users into clicking on a link or any component of a web application to redirect them to another page (often a malicious website). Clickjacking is also known as a “UI redress vulnerability” or “UI redress attack”.  

Clickjacking attacks involve a level of social engineering in order to trick users to click on the affected components or links and redirect them to a malicious website.

Certain clickjacking vulnerabilities could also allow user keystrokes to also be hijacked. For instance, an attacker can craft or modify a combination of CSS stylesheets, iFrames, and web forms, to trick users to believe they are typing in a password in a web application. However, they are instead typing it into an invisible frame controlled by the attacker.

Preventing Clickjacking Vulnerabilities

The following are a few methods to prevent clickjacking vulnerabilities and underlying attacks:

The following additional resources provide detailed information on how to prevent clickjacking vulnerabilities at:

 

 

 

Content for Community-Ad