Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-02 | CVE-2022-40268 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishielectric Gt25 Firmware, Gt27 Firmware and GT Softgot2000 Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to lead legitimate users to perform unintended operations through clickjacking. | 4.7 |
| 2023-02-01 | CVE-2023-23126 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Connectwise Automate 2022.11 Connectwise Automate 2022.11 is vulnerable to Clickjacking. | 6.1 |
| 2023-02-01 | CVE-2022-45096 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. | 6.5 |
| 2023-01-26 | CVE-2023-20913 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. | 7.8 |
| 2023-01-26 | CVE-2022-20213 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. | 5.5 |
| 2023-01-26 | CVE-2022-20214 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. | 4.7 |
| 2023-01-26 | CVE-2022-20215 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. | 5.5 |
| 2022-12-22 | CVE-2022-28286 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox ESR Due to a layout change, iframe contents could have been rendered outside of its border. | 5.4 |
| 2022-12-22 | CVE-2022-29911 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Thunderbird An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. | 6.1 |
| 2022-12-22 | CVE-2022-3034 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Thunderbird When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. | 4.3 |