clickjacking vulnerability

## Summary: [add summary of the vulnerability] While performing security testing of your website i have found the vulnerability called Clickjacking. Many URLS are in scope and vulnerable to Clickjacking. What is Clickjacking ? Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. ## Steps To Reproduce: [add details for how we can reproduce the issue] Vulnerable Url :https://sifchain.finance 1. Insert the above URL in the following code: <html> <body> <h1>hai</h1> <iframe src="https://sifchain.finance "> </iframe> </body> </html> Notice that site is visible in the Iframe ## Supporting Material/References: [list any additional material (e.g. screenshots, logs, etc.)] POC is in the attachments. Thanks, waiting for your response. * [attachment / reference] ## Impact Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.