Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-28218 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an unintended action. | 6.5 |
| 2020-12-09 | CVE-2020-26962 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. | 6.1 |
| 2020-12-09 | CVE-2020-26953 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. | 4.3 |
| 2020-12-08 | CVE-2020-9993 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple products The issue was addressed with improved UI handling. | 4.3 |
| 2020-12-08 | CVE-2020-9987 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari An inconsistent user interface issue was addressed with improved state management. | 4.3 |
| 2020-12-08 | CVE-2020-9945 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple mac OS X A spoofing issue existed in the handling of URLs. | 4.3 |
| 2020-12-08 | CVE-2020-9942 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari An inconsistent user interface issue was addressed with improved state management. | 4.3 |
| 2020-12-03 | CVE-2020-5679 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Ec-Cube Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. | 6.1 |
| 2020-11-03 | CVE-2020-4785 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2020-10-28 | CVE-2020-24711 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Getgophish Gophish The Reset button on the Account Settings page in Gophish before 0.11.0 allows attackers to cause a denial of service via a clickjacking attack | 6.5 |