Vulnerabilities > CVE-2020-24711 - Improper Restriction of Rendered UI Layers or Frames vulnerability in Getgophish Gophish

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
getgophish
CWE-1021

Summary

The Reset button on the Account Settings page in Gophish before 0.11.0 allows attackers to cause a denial of service via a clickjacking attack