Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-10 | CVE-2020-15648 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. | 6.5 |
| 2020-07-29 | CVE-2020-4644 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2020-07-07 | CVE-2019-4323 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Appscan 10.0.0/9.0.3.14 "HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame." | 4.3 |
| 2020-06-24 | CVE-2020-4322 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Security Secret Server 10.6/10.7/10.7.000059 IBM Security Secret Server 10.7 could allow a remote attacker to hijack the clicking action of the victim. | 4.3 |
| 2020-06-15 | CVE-2020-4406 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2020-05-12 | CVE-2020-4195 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM API Connect IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2020-04-24 | CVE-2020-6827 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox ESR When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. | 4.7 |
| 2020-04-20 | CVE-2020-9444 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Zulip Server Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality. | 6.1 |
| 2020-04-15 | CVE-2020-10951 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Westerndigital IBI and MY Cloud Home Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. | 4.7 |
| 2020-04-06 | CVE-2020-1728 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products A vulnerability was found in all versions of Keycloak where, the pages on the Admin Console area of the application are completely missing general HTTP security headers in HTTP-responses. | 5.4 |