Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-22 | CVE-2023-23343 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Bigfix OSD Bare Metal Server 311.12 A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to trick a user into clicking on a button or link on another page to perform a redirect to an attacker-controlled domain. | 6.1 |
| 2023-06-07 | CVE-2023-3140 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Knime Business HUB Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4.0 has left users vulnerable to click jacking. | 4.3 |
| 2023-04-18 | CVE-2022-43378 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric products A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior) | 6.5 |
| 2023-03-13 | CVE-2023-1362 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Bumsys Project Bumsys Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to v2.0.2. | 6.1 |
| 2023-02-27 | CVE-2022-32891 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple products The issue was addressed with improved UI handling. | 6.1 |
| 2023-02-11 | CVE-2023-0780 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Agentejo Cockpit Improper Restriction of Rendered UI Layers or Frames in GitHub repository cockpit-hq/cockpit prior to 2.3.9-dev. | 5.4 |
| 2023-02-02 | CVE-2022-40268 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishielectric Gt25 Firmware, Gt27 Firmware and GT Softgot2000 Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to lead legitimate users to perform unintended operations through clickjacking. | 4.7 |
| 2023-02-01 | CVE-2023-23126 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Connectwise Automate 2022.11 Connectwise Automate 2022.11 is vulnerable to Clickjacking. | 6.1 |
| 2023-02-01 | CVE-2022-45096 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. | 6.5 |
| 2023-01-30 | CVE-2022-32517 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric Conext Combox Firmware A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause an adversary to trick the interface user/admin into interacting with the application in an unintended way when the product does not implement restrictions on the ability to render within frames on external addresses. | 6.5 |