CVE-2011-2892 Information

Description

Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Reference

http://bl0g.yehg.net/2011/04/joomla-161-and-lower-information.html http://developer.joomla.org/security/news/347-20110409-core-clickjacking.html