CWE-451

User Interface (UI) Misrepresentation of Critical Information

Parent: CWE-684 - Incorrect Provision of Specified Functionality

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

182 vulnerabilities with CWE-451
CVE-2024-7020 MEDIUM
Google Chrome <124.0.6367.60 - XSS
CVSS 4.3
CVE-2024-7019 MEDIUM
Google Chrome <124.0.6367.60 - XSS
CVSS 4.3
CVE-2024-8909 MEDIUM
Google Chrome <129.0.6668.58 - CSRF
CVSS 4.3
CVE-2024-43461 HIGH KEV
Windows MSHTML - SSRF
CVSS 8.8
CVE-2024-38197 MEDIUM
Microsoft Teams < - SSRF
CVSS 6.5
CVE-2024-6999 MEDIUM
Google Chrome <127.0.6533.72 - XSS
CVSS 4.3
CVE-2024-7529 MEDIUM
Firefox < 129 - Info Disclosure
CVSS 6.5
CVE-2024-6595 LOW
GitLab CE/EE <16.11.6/<17.0.4/<17.1.2 - Info Disclosure
CVSS 3.0
CVE-2024-38112 HIGH KEV
Windows MSHTML - SSRF
CVSS 7.5
CVE-2024-6610 MEDIUM
Firefox <128 - Info Disclosure
CVSS 4.3
CVE-2024-38093 MEDIUM
Microsoft Edge < - SSRF
CVSS 4.3
CVE-2024-38082 MEDIUM
Microsoft Edge < - SSRF
CVSS 4.7
CVE-2024-38313 MEDIUM
Firefox for iOS < 127 - Info Disclosure
CVSS 4.3
CVE-2024-5698 MEDIUM
Firefox < 127 - CSRF
CVSS 6.1
CVE-2024-4950 MEDIUM
Google Chrome <125.0.6422.60 - XSS
CVSS 6.5
CVE-2024-30055 MEDIUM
Microsoft Edge < - SSRF
CVSS 5.4
CVE-2024-23708 HIGH
NotificationManagerService - Privilege Escalation
CVSS 7.8
CVE-2024-2631 MEDIUM
Google Chrome <123.0.6312.58 - XSS
CVSS 4.3
CVE-2024-0805 MEDIUM
Google Chrome <121.0.6167.85 - CSRF
CVSS 4.3
CVE-2024-0750 HIGH
Firefox < 122 - Info Disclosure
CVSS 8.8
CVE-2023-7282 MEDIUM
Google Chrome <113.0.5672.63 - SSRF
CVSS 4.3
CVE-2023-7281 MEDIUM
Google Chrome <119.0.6045.105 - XSS
CVSS 4.3
CVE-2023-7011 MEDIUM
Google Chrome <119.0.6045.105 - XSS
CVSS 6.5
CVE-2023-50938 MEDIUM
IBM PowerSC - CSRF
CVSS 6.5
CVE-2023-2941 MEDIUM
Google Chrome <114.0.5735.90 - XSS
CVSS 4.3
Details
Vulnerabilities 182
Links
MITRE CWE Entry Search this CWE With Exploits