Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-14 | CVE-2022-24733 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Sylius Sylius is an open source eCommerce platform. | 6.1 |
| 2022-03-11 | CVE-2021-27414 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hitachienergy Ellipse Enterprise Asset Management 9.0.22 An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials. | 6.1 |
| 2022-03-11 | CVE-2021-46708 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Smartbear Swagger-Ui-Dist The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2022-03-10 | CVE-2021-41657 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Smartbear Collaborator 6.1.6102 SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack. | 6.1 |
| 2022-03-10 | CVE-2021-3660 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Cockpit (and its plugins) do not seem to protect itself against clickjacking. | 4.3 |
| 2022-02-24 | CVE-2021-39038 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2022-02-12 | CVE-2022-0110 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2022-02-11 | CVE-2021-39669 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0/12.0 In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about CA installation circumstances due to a tapjacking/overlay attack. | 7.8 |
| 2022-02-09 | CVE-2022-22807 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric products A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause unintended modifications of the product settings or user accounts when deceiving the user to use the web interface rendered within iframes. | 7.4 |
| 2022-01-28 | CVE-2021-22819 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric products A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause unintended modifications of the product settings or user accounts when deceiving the user to use the web interface rendered within iframes. | 4.3 |