Vulnerabilities > CVE-2021-3731 - Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products

047910
CVSS 4.7 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
ledgersmb
debian
CWE-1021
NVD
Published: 2021-08-23
Updated: 2021-08-27

Summary

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.

Vulnerable Configurations

Part Description Count
Application
Ledgersmb
249
OS
Debian
2

Common Weakness Enumeration (CWE)

References