🚀 Join our AI Wargame at Black Hat Asia and our Workshop + Wargame at NDC Sydney .

Clickjacking

Clickjacking happens when a user unknowingly initiation some actions in a UI white interacting with the UI from another domain.

Remediation

Configure and harden Content-Security-Policy to prevent framing of the UI.

Metadata

  • Severity: low
  • Slug: clickjacking

CWEs

  • 1021: Improper Restriction of Rendered UI Layers or Frames

OWASP

  • A05:2021: Security Misconfiguration

Available Labs

Open Javascript labs in SecDim Play for this vulnerability.

Try it yourself

Find, Hack and Fix Your First Vulnerability

Reading about security bugs is one thing — fixing one is how the skill sticks. Play a free challenge from the wargame, no setup required.