Vulnerabilities of type CWE-1021
189 results

CVE-2024-7404 | MEDIUM | Improper Restriction of Rendered UI Layers or Frames in GitLab | EPSS 0.5%
CVE-2022-36182 | MEDIUM | Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to mali | EPSS 0.5%
CVE-2023-4958 | MEDIUM | Stackrox: missing http security headers allows for clickjacking in web ui | EPSS 0.5%
CVE-2022-3034 | MEDIUM | When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document | EPSS 0.5%
CVE-2022-32919 | MEDIUM | The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website t | EPSS 0.5%
CVE-2024-2613 | HIGH | Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vul | EPSS 0.5%
CVE-2024-11700 | HIGH | Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly appro | EPSS 0.5%
CVE-2024-7518 | MEDIUM | Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This v | EPSS 0.5%
CVE-2023-4956 | MEDIUM | Quay: clickjacking on config-editor page severity | EPSS 0.5%
CVE-2024-1890 | MEDIUM | Clickjacking vulnerability in Sunny Webbox | EPSS 0.5%
CVE-2022-46061 | MEDIUM | AeroCMS v0.0.1 is vulnerable to ClickJacking. | EPSS 0.5%
CVE-2022-43378 | MEDIUM | A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into pe | EPSS 0.5%
CVE-2022-40268 | MEDIUM | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01. | EPSS 0.5%
CVE-2023-0057 | LOW | Improper Restriction of Rendered UI Layers or Frames in pyload/pyload | EPSS 0.5%
CVE-2024-3911 | MEDIUM | Welotec: Clickjacking Vulnerability in WebUI | EPSS 0.5%
CVE-2023-5103 | MEDIUM | Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sens | EPSS 0.5%
CVE-2022-20820 | MEDIUM | Cisco Webex Meetings Web Interface Vulnerabilities | EPSS 0.4%
CVE-2024-33377 | HIGH | LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim u | EPSS 0.4%
CVE-2024-11695 | MEDIUM | A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spo | EPSS 0.4%
CVE-2022-20852 | MEDIUM | Cisco Webex Meetings Web Interface Vulnerabilities | EPSS 0.4%