Vulnerabilities > CVE-2021-46708 - Improper Restriction of Rendered UI Layers or Frames vulnerability in Smartbear Swagger-Ui-Dist

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
smartbear
CWE-1021
NVD
Published: 2022-03-11
Updated: 2023-03-28

Summary

The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.

Vulnerable Configurations

Part Description Count
Application
Smartbear
261

Common Weakness Enumeration (CWE)

References