Vulnerabilities > CVE-2021-3731 - Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
ledgersmb
debian
CWE-1021
NVD
Published: 2021-08-23
Updated: 2021-08-27

Summary

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.

Vulnerable Configurations

Part Description Count
Application
Ledgersmb
235
OS
Debian
2

Common Weakness Enumeration (CWE)

References