Vulnerabilities > CVE-2019-16371 - Improper Restriction of Rendered UI Layers or Frames vulnerability in Logmein Lastpass
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
LOW Availability impact
NONE Summary
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking.