CWE:
 

Topic
Date
Author
Low
Bello WordPress Theme <= 1.5.9 - Authenticated XFS
17.05.2021
m0ze


CVEMAP Search Results

CVE
Details
Description
2024-06-27
Waiting for details
CVE-2023-42011

Updating...
 

 
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508.

 
2024-06-06
Waiting for details
CVE-2024-2383

Updating...
 

 
A clickjacking vulnerability exists in zenml-io/zenml versions up to and including 0.55.5 due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into interacting with the interface under the attacker's control. The issue was addressed in version 0.56.3.

 
2024-04-24
Waiting for details
CVE-2023-47774

Updating...
 

 
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7.

 
2024-04-23
Waiting for details
CVE-2024-3911

Updating...
 

 
An unauthenticated remote attacker can deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames. 

 
2024-02-26
Waiting for details
CVE-2024-1890

Updating...
 

 
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier.

 
2024-01-18
Waiting for details
CVE-2024-0669

Updating...
 

 
A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting verssion below 6.0.5. An attacker could store a malicious URL to be opened by an administrator and execute a malicios iframe element.

 
2023-10-30
Waiting for details
CVE-2023-36920

Updating...
 

 
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information.

 
2023-04-18
Waiting for details
CVE-2022-43378

Updating...
 

 
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)

 
2023-03-13
Waiting for details
CVE-2023-1362

Updating...
 

 
Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to v2.0.2.

 
2023-02-11
Waiting for details
CVE-2023-0780

Updating...
 

 
Improper Restriction of Rendered UI Layers or Frames in GitHub repository cockpit-hq/cockpit prior to 2.3.9-dev.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top