Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-01 | CVE-2024-9397 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. | 6.1 |
| 2024-07-30 | CVE-2024-39320 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Discourse Discourse is an open source discussion platform. | 6.1 |
| 2024-07-29 | CVE-2024-40817 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Macos and Safari The issue was addressed with improved UI handling. | 6.1 |
| 2024-06-27 | CVE-2023-42011 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Sterling B2B Integrator 6.1/6.2 IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. | 5.4 |
| 2024-06-11 | CVE-2024-5698 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. | 6.1 |
| 2024-06-06 | CVE-2024-2383 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Zenml A clickjacking vulnerability exists in zenml-io/zenml versions up to and including 0.55.5 due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. | 6.1 |
| 2024-04-23 | CVE-2024-3911 | An unauthenticated remote attacker can deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames. | 6.5 |
| 2024-02-10 | CVE-2023-45698 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime Chat and Meetings Sametime is impacted by lack of clickjacking protection in Outlook add-in. | 6.1 |
| 2024-02-06 | CVE-2024-20810 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Samsung Android 12.0/13.0 Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information. | 3.3 |
| 2024-01-18 | CVE-2024-0669 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Plone A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting verssion below 6.0.5. | 7.1 |