Summary by National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program
X-Frame protections implemented
Clickjacking Vulnerability on NASA's AHED Portal Login
Disclosed by cyberfascinate- Engagement National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program
- Disclosed date about 1 year ago
- Priority P5 Bugcrowd's VRT priority rating
- Status Informational This vulnerability is seen as an accepted business risk
Summary by cyberfascinate
A clickjacking vulnerability was identified on the NASA AHED Portal login page. This issue allows an attacker to load the login page in an invisible iframe on a malicious website, potentially tricking users into unintended actions, such as logging in. While considered low risk, this vulnerability highlights the importance of implementing anti-clickjacking measures to protect users from similar attacks.