CWE-1021
Improper Restriction of Rendered UI Layers or Frames
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
376 vulnerabilities with CWE-1021
CVE-2022-45417
MEDIUM
Firefox < 107 - Info Disclosure
CVSS 4.3
CVE-2022-3034
MEDIUM
Thunderbird <102.2.1-<91.13.1 - XSS
CVSS 4.3
CVE-2022-36319
HIGH
Firefox <103 - Info Disclosure
CVSS 7.5
CVE-2022-29914
MEDIUM
Firefox <100 - Info Disclosure
CVSS 6.5
CVE-2022-29911
MEDIUM
Thunderbird <91.9 & Firefox <100 - XSS
CVSS 6.1
CVE-2022-28286
MEDIUM
Thunderbird <91.8 - XSS
CVSS 5.4
CVE-2022-20553
MEDIUM
Android <13 - Privilege Escalation
CVSS 6.5
CVE-2022-20520
HIGH
Android <13 - Privilege Escalation
CVSS 7.8
CVE-2022-46695
MEDIUM
Apple TV OS <16.2- iPad OS <16.2 - Spoofing
CVSS 6.5
CVE-2022-20501
HIGH
Android - Privilege Escalation
CVSS 7.3
CVE-2022-20442
HIGH
Android - Privilege Escalation
CVSS 7.3
CVE-2022-46061
MEDIUM
AeroCMS v0.0.1 - CSRF
CVSS 6.1
CVE-2022-34318
MEDIUM
IBM CICS TX 11.1 - CSRF
CVSS 5.4
CVE-2022-3260
MEDIUM
Redhat Red Hat OpenShift - Clickjacking via Missing X-FRAME-OPTIONS Header
CVSS 4.8
CVE-2022-42799
MEDIUM
Apple Safari < 16.1 - Denial of Service
CVSS 6.1
CVE-2022-36182
MEDIUM
Hashicorp Boundary <0.8.0 - SSRF
CVSS 6.1
CVE-2022-22503
MEDIUM
IBM Robotic Process Automation 21.0.0 - CSRF
CVSS 6.1
CVE-2022-3167
HIGH
GitHub ikus060/rdiffweb <2.4.1 - Info Disclosure
CVSS 8.8
CVE-2022-36736
MEDIUM
Jitsi-2.10.5550 - CSRF
CVSS 6.1
CVE-2022-2965
MEDIUM
notrinos/notrinoserp <0.7 - Info Disclosure
CVSS 4.3
CVE-2022-2800
MEDIUM
SourceCodester Gym Management System - XSS
CVSS 4.3
CVE-2022-20331
HIGH
Android <13 - Privilege Escalation
CVSS 7.8
CVE-2022-20852
MEDIUM
Cisco Webex Meetings - XSS
CVSS 5.4
CVE-2022-20820
MEDIUM
Cisco Webex Meetings - XSS
CVSS 5.4
CVE-2022-2734
MEDIUM
openemr/openemr <7.0.0.1 - Info Disclosure
CVSS 5.4
Details
Vulnerabilities
376